kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 07:57:07 +00:00

Author	SHA1	Message	Date
shuting	025a477688	fix: non-trigger resources should be skipped for background policies regardless of `skipBackgroundRequests` settings (#9333 ) * fix skip checks Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: skip request for non-triggers Signed-off-by: ShutingZhao <shuting@nirmata.com> * add missing files Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: empty policy Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2024-01-04 12:47:58 +02:00
shuting	67b96a7cf2	refactor: mutate checks (#9255 ) * refactor Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-12-22 15:07:17 +02:00
shuting	7282ecca9f	fix: add `skipBackgoundRequests` to configure loop protection option (#9157 ) * fix typo Signed-off-by: ShutingZhao <shuting@nirmata.com> * add new attribute skipBackgroundRequests Signed-off-by: ShutingZhao <shuting@nirmata.com> * move to per rule config Signed-off-by: ShutingZhao <shuting@nirmata.com> * check flag Signed-off-by: ShutingZhao <shuting@nirmata.com> * clean up Signed-off-by: ShutingZhao <shuting@nirmata.com> * update docs Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix logger Signed-off-by: ShutingZhao <shuting@nirmata.com> * add retryCount to ur.status Signed-off-by: ShutingZhao <shuting@nirmata.com> * add chainsaw tests Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-12-19 06:25:12 +00:00
Mariam Fahmy	eab6b4eceb	fix: updaterequests stuck in pending/fail infinite loop (#9119 ) * fix: updaterequests stuck in pending/fail infinite loop Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix: prevent creating URs upon DELETE unless it is specified Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix chainsaw test Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> --------- Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-12-15 16:42:10 +02:00
Mariam Fahmy	a60dc00392	feat: migrate to events.k8s.io/v1 (#7673 ) * feat: migrate events to events.k8s.io group Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix: kuttl event tests Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * migrate background events to events.k8s.io Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * update kuttl tests Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * remove ResourceSkipped from actions Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> --------- Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>	2023-07-26 14:06:51 +00:00
shuting	20f74412f1	fix: remove deletionTimestamp checks (#7039 ) * remove deletionTimestamp check Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove deletionTimestamp check Signed-off-by: ShutingZhao <shuting@nirmata.com> * add back source check Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove deletionTimestamp check Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-04-29 23:25:13 +02:00
Charles-Edouard Brétéché	a710cccb7a	fix: replace background sa name in config by a flag (#6790 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-04-05 11:50:29 +00:00
Charles-Edouard Brétéché	784ca07419	refactor: engine rule response creation (#6784 ) * refactor: engine rule response creation Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * private fields Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix unit tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-04-05 10:35:38 +00:00
Charles-Edouard Brétéché	5d6b987eec	refactor: kyverno_policy_execution_duration_seconds metric management (#6782 ) * refactor: kyverno_policy_results metric management Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: kyverno_policy_results metric management Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-04-04 16:34:58 +00:00
Charles-Edouard Brétéché	b2340785fc	refactor: kyverno_policy_results metric management (#6781 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-04-04 23:07:43 +08:00
Charles-Edouard Brétéché	c9bbf38191	refactor: remove more admission request pointers (#6774 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-04-04 13:11:18 +08:00
Charles-Edouard Brétéché	6a0a336755	refactor: return structs instead of pointer in engine api (#6647 ) * refactor: return structs instead of pointer in engine api Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-03-22 22:55:00 +08:00
shuting	6f7f06f0d4	chore: cleanup generate codebase (#6598 ) * add debug info Signed-off-by: ShutingZhao <shuting@nirmata.com> * cleanup code Signed-off-by: ShutingZhao <shuting@nirmata.com> * linter fix Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove unused labels Signed-off-by: ShutingZhao <shuting@nirmata.com> * rename ns Signed-off-by: ShutingZhao <shuting@nirmata.com> * reset resource version Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove ur updater Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * cleanup code Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove code to add labels to clone source #6583 Signed-off-by: ShutingZhao <shuting@nirmata.com> * rename ns Signed-off-by: ShutingZhao <shuting@nirmata.com> * remvove labels from test resource Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove generated by labels Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-03-17 08:36:06 +00:00
shuting	dbfeb75793	feat: ignore admission requests sent by the kyverno background controller (#6499 ) * ignore ARs sent by the kyverno background controller Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test Signed-off-by: ShutingZhao <shuting@nirmata.com> * add background controller sa to exclude usernames Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-03-15 12:27:28 +00:00
shuting	637f830917	feat: apply generate rules on trigger events (#6508 ) * - fire generation on trigger deletion, with condition rules; - delete downstream if trigger no longer matches; - delete downstream if trigger is deleted, with sync rule Signed-off-by: ShutingZhao <shuting@nirmata.com> * trim condition key spaces Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix UR spec Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-create-on-trigger-deletion Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-create-on-trigger-deletion Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-data-sync-delete-trigger Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-data-nosync-delete-trigger Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-data-sync-update-trigger-no-match Signed-off-by: ShutingZhao <shuting@nirmata.com> * rename policy Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-data-nosync-update-trigger-no-match Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix Signed-off-by: ShutingZhao <shuting@nirmata.com> * add debug logs Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-clone-create-on-trigger-deletion Signed-off-by: ShutingZhao <shuting@nirmata.com> * update readme Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-clone-sync-delete-trigger Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-clone-nosync-delete-trigger Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-clone-sync-update-trigger-no-match Signed-off-by: ShutingZhao <shuting@nirmata.com> * update readme Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test cpol-clone-nosync-update-trigger-no-match Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-03-10 17:17:10 +00:00
shuting	ee07f658ec	remove dead code (#6377 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-02-23 12:18:05 +01:00
shuting	d5684f6794	add labels to downstream and source resources (#6322 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-02-22 10:49:09 +00:00
Charles-Edouard Brétéché	3ff83c7bdd	refactor: context loading and engine methods (#6253 ) * refactor: context loading and engine methods Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-02-08 13:55:03 +08:00
Charles-Edouard Brétéché	6c0549febe	refactor: more engine interface (#6199 ) * refactor: more engine interface Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fixes Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-02-03 13:01:11 +08:00
Charles-Edouard Brétéché	848596ca8d	refactor: introduce context loader interface in engine api (#6164 ) * refactor: introduce context loader interface in engine api Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * factory Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * mock Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-01-31 22:30:40 +08:00
Charles-Edouard Brétéché	fb94f6ea75	refactor: introduce engine api package (#6154 ) * refactor: introduce engine api package Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * status Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-01-30 11:41:09 +00:00
Charles-Edouard Brétéché	ff728d5f2b	feat: propagate context through engine (#5639 ) * feat: propagate context through engine Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: propagate context through engine Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: propagate context through engine Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: propagate context through engine Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-12-09 21:45:11 +08:00
Charles-Edouard Brétéché	7219b4f8a3	refactor: registry client (#5596 ) * refactor: registry client Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-12-07 23:08:37 +08:00
Charles-Edouard Brétéché	5b89e2e5f8	refactor: make policy context immutable and fields private (#5523 ) * refactor: make policy context immutable and fields private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: make policy context immutable and fields private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-12-02 16:14:23 +08:00
Charles-Edouard Brétéché	dfded5cc60	feat: propagate context to the metrics package (#5479 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-11-28 10:30:14 +00:00
Prateek Pandey	2b4ff1ef6d	fix: synchronize source resource update to clone list resource (#5317 ) * fix: synchronize source resource update to clone list target resource Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * add kuttl test to verify the clone list synchronized behavior Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * refactor functions parameters Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * fix the kuttl test description and behavior README Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * Use entire content to compare Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>	2022-11-11 19:30:54 +00:00
Charles-Edouard Brétéché	cc8f643767	refactor: admission metrics (counter and latency) (#5245 ) * refactor: move all middlewares in handlers sub package Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: admission metrics (counter and latency) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * builder Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * cleanup Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-11-09 18:52:20 +08:00
Charles-Edouard Brétéché	d558c12470	refactor: move generation handler out of webhooks package (#4570 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-09 19:49:38 +05:30
Charles-Edouard Brétéché	3e5645dd32	refactor: make webhook metrics helpers static (#4554 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-09 07:11:16 +03:00
Charles-Edouard Brétéché	0cc4d9b1f0	fix: duration metrics precision (#4393 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-08-24 19:08:42 +08:00
Charles-Edouard Brétéché	5aaf2d8770	chore: make kyverno api import aliases consistent (#3939 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-17 13:12:43 +02:00
Charles-Edouard Brétéché	c12f94d6d4	chore: enble gci linter (#3930 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-17 07:56:48 +02:00
Charles-Edouard Brétéché	c112aaefa1	refactor: separate resource mutation/validation handlers from server (#3908 ) * refactor: webhooks server logger Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: separate policy mutation/validation handlers from server Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * separate resource mutation from server code Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-16 22:36:21 +08:00

33 commits