kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00

Author	SHA1	Message	Date
shuting	b4f2b63f53	Load `mutate.targets` via dclient (#3797 ) * Load mutate.targets via dclient Signed-off-by: ShutingZhao <shuting@nirmata.com> * Do not fail on namespace cleanup for e2e generate Signed-off-by: ShutingZhao <shuting@nirmata.com> * Fix wildcard name listing for a certain namespace Signed-off-by: ShutingZhao <shuting@nirmata.com> * Rename onPolicyUpdate to mutateExistingOnPolicyUpdate Signed-off-by: ShutingZhao <shuting@nirmata.com> * Enable "mutateExistingOnPolicyUpdate" on policy events Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>	2022-05-06 05:46:36 +00:00
Jim Bugwadia	db3502656d	Cert attestor (#3809 ) * add certificates attestor Signed-off-by: Jim Bugwadia <jim@nirmata.com> * handle duplicate images; use container name as key Signed-off-by: Jim Bugwadia <jim@nirmata.com> * use OldObject for modify requests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * use unique image names Signed-off-by: Jim Bugwadia <jim@nirmata.com> * merge main Signed-off-by: Jim Bugwadia <jim@nirmata.com> * create a single annotation patch across rules and images Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fmt and change annotation key name Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * split certs from keys Signed-off-by: Jim Bugwadia <jim@nirmata.com> * make fmt Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add Rekor and fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-05-05 21:57:20 -07:00
Jim Bugwadia	76608e315e	handle duplicate images; use container name as key (#3779 ) * handle duplicate images; use container name as key Signed-off-by: Jim Bugwadia <jim@nirmata.com> * use OldObject for modify requests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * use unique image names Signed-off-by: Jim Bugwadia <jim@nirmata.com> * merge main Signed-off-by: Jim Bugwadia <jim@nirmata.com> * create a single annotation patch across rules and images Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fmt and change annotation key name Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-05-05 14:06:18 -07:00
Charles-Edouard Brétéché	5d2e2faf72	fix: autogen rules in status (#3728 ) * refactor: autogen package logger Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: add rules to status only when necessary Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2022-05-05 15:11:26 +00:00
Prateek Pandey	2af9046e13	refact: disable leader for update request controller (#3807 ) Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>	2022-05-05 14:19:19 +00:00
Charles-Edouard Brétéché	25c2bf0e1f	fix: remove k8s apiserver from self-generated cert (#3803 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-05 13:26:55 +00:00
Vyankatesh Kudtarkar	13d8a96f92	Policy Validation check for onPolicyUpdate flag (#3814 ) * policy validation check for OnPolicyUpdate flag * add validation check for onupdatepolicy flag	2022-05-05 21:04:49 +08:00
shuting	8a9a98d8b5	Add `handler` to `UR.status` (#3791 ) * - Add "handler" to "ur.status" - Mark / Unmark handler upon UR reconciliation Signed-off-by: ShutingZhao <shuting@nirmata.com> * Add field onPolicyUpdate Signed-off-by: ShutingZhao <shuting@nirmata.com> * Update API docs Signed-off-by: ShutingZhao <shuting@nirmata.com> * Add delay in generate e2e tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * Remove duplicate logic for cleaning up the cloned resource Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-05-05 16:26:27 +05:30
Charles-Edouard Brétéché	4d08354498	fix: remove kubeconfig (#3802 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-05-05 10:12:43 +00:00
Charles-Edouard Brétéché	9a1a82e3b5	feat: parse all root CA certs (#3808 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-05 09:31:22 +01:00
Sambhav Kothari	6e48fdf4ce	Fix issue with image registry when decoding OCI descriptors with out of spec keys (#3799 )	2022-05-04 13:38:56 -04:00
Charles-Edouard Brétéché	bb6e9a1ada	refactor: move config controller in controllers package (#3790 ) * refactor: use typed informers and add tombstone support to webhookconfig Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: remove unstructured usage from webhookconfig Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: cert manager controller Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: move config controller in controllers package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-04 16:05:03 +00:00
Charles-Edouard Brétéché	0a783bdc7d	chore: remove useless util NewKubeClient (#3795 )	2022-05-04 13:14:17 +01:00
Charles-Edouard Brétéché	db735f2165	fix: pod stay in terminating when scaling to 0 (#3793 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-05-04 10:57:56 +00:00
gsweene2	af51ceb4ff	Add JMESPath Function `items` (#3777 ) Co-authored-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com> Co-authored-by: Sambhav Kothari <skothari44@bloomberg.net>	2022-05-04 10:33:24 +00:00
Frank Jogeleit	43fc77c71f	Add rule to PolicyViolation event messages (#3787 ) Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2022-05-03 18:35:42 +00:00
Charles-Edouard Brétéché	2b6549fd5b	chore: remove config flags (#3786 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-03 17:52:10 +00:00
Charles-Edouard Brétéché	32789d1c0d	fix: add missing tombstone calls (#3784 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-03 16:58:20 +00:00
Charles-Edouard Brétéché	400e486b46	refactor: create a package for controllers and move certmanager in it (#3782 ) * refactor: use typed informers and add tombstone support to webhookconfig Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: remove unstructured usage from webhookconfig Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: cert manager controller Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-04 00:23:34 +08:00
Charles-Edouard Brétéché	207459cc40	refactor: policycache package logger (#3783 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-03 20:24:11 +08:00
Charles-Edouard Brétéché	f70ef051dc	refactor: move ImageExtractorConfigs in api package (#3781 )	2022-05-03 08:45:08 +00:00
Charles-Edouard Brétéché	52d1b642d6	refactor: dclient package logger (#3778 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-03 08:24:30 +00:00
Charles-Edouard Brétéché	873e394e5f	fix: cert manager duplicate event handler (#3772 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-05-03 07:37:18 +00:00
Danny Kulchinsky	810369d876	webhookconfig: if services resource, add services/status as well (#3740 ) Signed-off-by: Danny Kulchinsky <dkulchinsky@fastly.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-03 05:54:08 +00:00
Charles-Edouard Brétéché	c79223393b	refactor: dclient package (#3775 ) * refactor: replace clientset by inteface Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: dclient package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-03 13:30:04 +08:00
Charles-Edouard Brétéché	6e07acdd87	refactor: replace clientset by inteface (#3774 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-02 20:30:07 +00:00
Charles-Edouard Brétéché	a592dad2aa	refactor: cosign package logger (#3773 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-02 21:03:44 +01:00
Charles-Edouard Brétéché	18af55ed49	refactor: wait for cache sync (#3765 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-03 01:41:39 +08:00
Sambhav Kothari	0a5f004047	Allow non-object type elements for foreach rules (#3763 ) Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-05-02 16:39:37 +00:00
Sambhav Kothari	e1ee6e8cbd	Reduce log verbosity for image extractors (#3764 )	2022-05-02 15:04:19 +00:00
Charles-Edouard Brétéché	45e3bf452a	chore: remove unused resourcecache package (#3762 )	2022-05-02 15:15:44 +01:00
Charles-Edouard Brétéché	972be16ad3	refactor: remove unstructured usage from webhookconfig (#3737 ) * refactor: use typed informers and add tombstone support to webhookconfig Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: remove unstructured usage from webhookconfig Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-02 18:58:04 +08:00
Charles-Edouard Brétéché	87880ad6f1	refactor: use typed informers and add tombstone support to webhookconfig (#3736 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-05-02 08:19:39 +00:00
Jim Bugwadia	3cb620499e	Remove YAML multiline support in CM values (#3721 ) * remove YAML multiline support in CM values Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove unused code Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-02 08:57:35 +01:00
Jim Bugwadia	4f8eab76ce	cleanup event messages and sources (#3741 ) * cleanup events Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix sonatype issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-02 05:14:32 +00:00
Jim Bugwadia	0771ffd474	Add error handling and log for image extractor errors (#3724 ) Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-05-01 23:44:51 +00:00
Jim Bugwadia	ef71102b22	Fix verify all images (#3748 ) Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-05-01 23:02:49 +00:00
Charles-Edouard Brétéché	96b33f6200	refactor: metrics package logger (#3734 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-04-29 19:33:08 +02:00
Prateek Pandey	97f845124f	fix: block policy for missing matched kind (#3733 ) Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>	2022-04-29 21:53:18 +08:00
Charles-Edouard Brétéché	82c9c2d08b	fix: missing image verification rules in autogen (#3729 ) * fix: missing image verification rules in autogen Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: missing image verification rules in autogen Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-04-29 13:48:22 +02:00
shuting	a4815f77c4	Convert GenerateRequest to UpdateRequest for backward compatibility (#3730 ) - Remove GenerateRequest Informer - Rename GenerateRequest to UpdateRequest in logs and vars - Fix initContainer leader election - Convert GenerateRequest to UpdateRequest in initContainer - Remove unused methods - Add printer column ruleType to UR Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-04-29 16:35:49 +05:30
Charles-Edouard Brétéché	de84b8071d	refactor: autogen package logger (#3727 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-04-29 09:12:21 +00:00
Charles-Edouard Brétéché	61a1d40e5e	fix: correct tombstone usage (#3718 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-04-29 09:50:17 +02:00
Charles-Edouard Brétéché	24ed931f42	refactor: remove some api unnecessary pointers (4) (#3713 ) * refactor: remove some api unnecessary pointers Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: remove some api unnecessary pointers (2) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: remove some api unnecessary pointers (3) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: remove some api unnecessary pointers (4) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-04-29 09:12:01 +02:00
shuting	a45986c04d	Set policy kind to generate events in the webhook (#3726 ) * remove mutateExisting field Signed-off-by: ShutingZhao <shuting@nirmata.com> * update policy controller to create UR for generate Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove debug log Signed-off-by: ShutingZhao <shuting@nirmata.com> * - Update api docs - Ignore e2e tests cleanup failure Signed-off-by: ShutingZhao <shuting@nirmata.com> * Add back index to helm template Signed-off-by: ShutingZhao <shuting@nirmata.com> * Set policy kind to generate events in the webhook Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-04-29 05:50:55 +00:00
shuting	e248308cb3	Create UR for both mutate and generate policies (#3717 ) * remove mutateExisting field Signed-off-by: ShutingZhao <shuting@nirmata.com> * update policy controller to create UR for generate Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove debug log Signed-off-by: ShutingZhao <shuting@nirmata.com> * - Update api docs - Ignore e2e tests cleanup failure Signed-off-by: ShutingZhao <shuting@nirmata.com> * Add back index to helm template Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-04-29 11:01:02 +05:30
Charles-Edouard Brétéché	7fca026678	fix: remove supported from autogen status (#3714 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-04-28 16:14:48 -07:00
Charles-Edouard Brétéché	b7f42a0d1f	refactor: remove some api unnecessary pointers (3) (#3707 ) * refactor: remove some api unnecessary pointers Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: remove some api unnecessary pointers (2) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: remove some api unnecessary pointers (3) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-04-28 12:30:23 +00:00
shuting	d3eec03a79	Optimize UR listing on policy events (#3712 ) * Optimize UR listing on policy events Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix new UR creation for multiple policies Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-04-28 10:29:48 +00:00
shuting	eb0b8d352c	- Create events for imageVerify rules (#3710 ) - Skip generating events on blocked resource Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-04-28 17:51:06 +08:00

1 2 3 4 5 ...

2550 commits