treydock
2273529a35
fix(policy chart): Skip DELETE requests on policies using deny statements ( #7883 )
...
Fixes #7456
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-24 14:29:35 +00:00
dependabot[bot]
295e98aebe
chore(deps): bump github.com/go-git/go-git/v5 from 5.7.0 to 5.8.0 ( #7893 )
...
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.7.0 to 5.8.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.7.0...v5.8.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-24 13:45:58 +00:00
dependabot[bot]
f3b9fa913a
chore(deps): bump github.com/onsi/gomega from 1.27.8 to 1.27.9 ( #7892 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.27.8 to 1.27.9.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.27.8...v1.27.9 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-24 09:21:44 +00:00
Amit kumar
c276060ff8
Modified annotation matching during rollback ( #7752 )
...
* enhanced has changed func
Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
* modified changed annotation func
Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
* modified HasImageVerifiedAnnotationChanged
Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
* nits
Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
* added kuttl-test
Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
* added ghcr.io/kyverno images
Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
* fixed unit tests
Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
* fixed unit tests
Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
---------
Signed-off-by: hackeramitkumar <amit9116260192@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
2023-07-24 08:10:07 +00:00
dependabot[bot]
00329c1881
chore(deps): bump github.com/notaryproject/notation-core-go ( #7891 )
...
Bumps [github.com/notaryproject/notation-core-go](https://github.com/notaryproject/notation-core-go ) from 1.0.0-rc.4 to 1.0.0.
- [Release notes](https://github.com/notaryproject/notation-core-go/releases )
- [Commits](https://github.com/notaryproject/notation-core-go/compare/v1.0.0-rc.4...v1.0.0 )
---
updated-dependencies:
- dependency-name: github.com/notaryproject/notation-core-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-24 07:12:57 +00:00
Mariam Fahmy
8e12640d81
fix log level ( #7877 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-07-21 15:41:29 +00:00
dependabot[bot]
5d9ec59536
chore(deps): bump k8s.io/pod-security-admission from 0.27.3 to 0.27.4 ( #7878 )
...
Bumps [k8s.io/pod-security-admission](https://github.com/kubernetes/pod-security-admission ) from 0.27.3 to 0.27.4.
- [Commits](https://github.com/kubernetes/pod-security-admission/compare/v0.27.3...v0.27.4 )
---
updated-dependencies:
- dependency-name: k8s.io/pod-security-admission
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-21 14:58:32 +00:00
Alok N
57c0f0f078
feat: split up kuttl tests ( #7861 )
...
Signed-off-by: Alok N <alokme123@gmail.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
2023-07-21 11:22:29 +00:00
Mariam Fahmy
35e368730b
feat: add auto-gen rules for CEL ( #7859 )
...
* feat: add auto-gen rules for CEL
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* clean up
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-07-21 09:19:47 +00:00
dependabot[bot]
ea631bdf81
chore(deps): bump k8s.io/apiextensions-apiserver from 0.27.3 to 0.27.4 ( #7879 )
...
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver ) from 0.27.3 to 0.27.4.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases )
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.27.3...v0.27.4 )
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-21 08:32:49 +00:00
SukhveerS
afb1a45897
adding env to doc ( #7813 )
...
* adding env to doc
Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>
* Update DEVELOPMENT.md
Signed-off-by: shuting <shutting06@gmail.com>
---------
Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com>
Signed-off-by: shuting <shutting06@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: shuting <shutting06@gmail.com>
2023-07-21 06:46:14 +00:00
Pradyot Ranjan
629776571c
Update CONTRIBUTING.md ( #7872 )
...
Signed-off-by: Pradyot Ranjan <99216956+prady0t@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-21 06:14:32 +00:00
AdamKorcz
d4d190bbb1
policy validation: fix assignment to entry in nil map ( #7874 )
...
Signed-off-by: AdamKorcz <adam@adalogics.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-21 04:03:39 +00:00
treydock
9429e12281
feat(chart) Add configurations for cleanup jobs and webhooks ( #7871 )
...
allow nodeSelector, tolerations and affinity settings for webhooksCleanup
allow affinity settings for cleanup jobs
Add helper to handle the labels for cleanup jobs, add component label
Fixes #7843
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-21 03:30:44 +00:00
shuting
69cb254e53
feat: skip schema validation for CRD ( #7869 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-07-20 22:02:27 +00:00
dependabot[bot]
f905f90422
chore(deps): bump k8s.io/kube-aggregator from 0.27.3 to 0.27.4 ( #7865 )
...
Bumps [k8s.io/kube-aggregator](https://github.com/kubernetes/kube-aggregator ) from 0.27.3 to 0.27.4.
- [Commits](https://github.com/kubernetes/kube-aggregator/compare/v0.27.3...v0.27.4 )
---
updated-dependencies:
- dependency-name: k8s.io/kube-aggregator
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: shuting <shuting@nirmata.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-20 13:48:19 +00:00
shuting
537612b609
fix: namespace label matching for Namespace ( #7837 )
...
* Feat: namespaceLabel matching for ns
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Fix: update kuttl tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-07-20 10:34:07 +00:00
dependabot[bot]
5a8caaf4fe
chore(deps): bump go.uber.org/automaxprocs from 1.5.2 to 1.5.3 ( #7868 )
...
Bumps [go.uber.org/automaxprocs](https://github.com/uber-go/automaxprocs ) from 1.5.2 to 1.5.3.
- [Release notes](https://github.com/uber-go/automaxprocs/releases )
- [Changelog](https://github.com/uber-go/automaxprocs/blob/master/CHANGELOG.md )
- [Commits](https://github.com/uber-go/automaxprocs/compare/v1.5.2...v1.5.3 )
---
updated-dependencies:
- dependency-name: go.uber.org/automaxprocs
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-20 09:21:17 +00:00
dependabot[bot]
f5ef5ca24e
chore(deps): bump k8s.io/cli-runtime from 0.27.3 to 0.27.4 ( #7864 )
...
Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime ) from 0.27.3 to 0.27.4.
- [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.27.3...v0.27.4 )
---
updated-dependencies:
- dependency-name: k8s.io/cli-runtime
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-20 16:38:25 +08:00
shuting
c2a9993d8c
fix: ignore tekton/pipeline ( #7858 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-07-20 03:48:29 +00:00
shuting
acf3729354
feat: enable operator boolean comparison ( #7847 )
...
* feat: enable operator boolean comparison
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Test: add kuttl test
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-07-19 16:54:33 +00:00
AdamKorcz
7647a1632d
fix type confusion in policy validation ( #7857 )
...
Signed-off-by: AdamKorcz <adam@adalogics.com>
2023-07-19 16:23:42 +00:00
treydock
752185c5af
Add nodeSelector for cleanupJob CronJob resources ( #7851 )
...
Fixes #7826
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
2023-07-19 13:40:31 +00:00
Pradyot Ranjan
d18a27d189
Added log message for API call failures ( #7834 )
...
* Added error message to deferred loader on API call failure
Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com>
* Small change in error message
Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com>
---------
Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com>
Co-authored-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2023-07-19 09:15:08 +00:00
Vishal Choudhary
1fff5ba767
bug: add severity and category in cluster policy report ( #7828 )
...
* test: add test for severity and category
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: add severity and category to cpol report
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* refactor: reuse report util SeverityFromString
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
2023-07-19 06:16:37 +00:00
Mariam Fahmy
b741187a73
move events for cleanup policies to the events controller ( #7827 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-07-18 10:01:09 +00:00
dependabot[bot]
3cae218414
chore(deps): bump sigs.k8s.io/structured-merge-diff/v4 ( #7842 )
...
Bumps [sigs.k8s.io/structured-merge-diff/v4](https://github.com/kubernetes-sigs/structured-merge-diff ) from 4.2.3 to 4.3.0.
- [Release notes](https://github.com/kubernetes-sigs/structured-merge-diff/releases )
- [Changelog](https://github.com/kubernetes-sigs/structured-merge-diff/blob/master/RELEASE.md )
- [Commits](https://github.com/kubernetes-sigs/structured-merge-diff/compare/v4.2.3...v4.3.0 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/structured-merge-diff/v4
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-18 16:59:18 +08:00
Vishal Choudhary
8b165c0209
bug: fix nancy by removing tekton payload from cosign test ( #7841 )
...
* fix: remove tekton payload from cosign test
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: update image and identity to kyverno
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* style: extra tab in json payload
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
2023-07-18 05:58:47 +00:00
shuting
44c0206463
Feat: cloneList rule validation ( #7823 )
...
* Feat: cloneList rule validation
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Test: add kuttl tests for npol
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Fix: split negative tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Test: add kuttl tests for cpol
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-07-17 12:13:22 +03:00
Chip Zoller
2a1c82f174
add Grover as adopter ( #7829 )
...
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
2023-07-15 21:56:10 +02:00
dependabot[bot]
2803f4fcb9
chore(deps): bump actions/setup-python from 4.6.1 to 4.7.0 ( #7825 )
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.6.1 to 4.7.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](bd6b4b6205...61a6322f88
2023-07-14 16:21:53 +08:00
Mariam Fahmy
8c2335fe55
fix: skip creating event for an empty resource name ( #7810 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2023-07-13 16:54:08 +08:00
dependabot[bot]
5577eb8708
chore(deps): bump fluxcd/flux2 from 2.0.0 to 2.0.1 ( #7814 )
...
Bumps [fluxcd/flux2](https://github.com/fluxcd/flux2 ) from 2.0.0 to 2.0.1.
- [Release notes](https://github.com/fluxcd/flux2/releases )
- [Changelog](https://github.com/fluxcd/flux2/blob/main/.goreleaser.yml )
- [Commits](9ea0a535ea...9b3162495c
2023-07-12 16:33:37 +08:00
Marc Brugger
5505d3e085
feat: allow pod labels for cleanup jobs ( #7808 )
...
Signed-off-by: bakito <github@bakito.ch>
2023-07-11 17:11:13 +02:00
Charles-Edouard Brétéché
a135076661
refactor: remove manual keychain refresh from client ( #7806 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-07-11 15:19:44 +02:00
Charles-Edouard Brétéché
dfceb4bf82
fix: remove obsolete methode in discovery ( #7802 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-07-11 16:22:36 +08:00
shuting
eb4b8614f0
Fix validation 7750 ( #7800 )
...
* fix
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Test: update kuttl tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-07-10 18:04:57 +02:00
Charles-Edouard Brétéché
e166d7897b
fix: aggregated admission report not updated correctly ( #7798 )
...
* fix: aggregated admission report not updated correctly
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-07-10 12:25:32 +00:00
Mariam Fahmy
e20745b01d
feat: add events for successful generation ( #7550 )
...
* feat: add events for successful generation
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* modify generate events messages
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix: modify mutate event messages
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* feat: add kuttl tests
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* fix
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* add kuttl test for skip generation
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
* Add kuttl test for failures
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
---------
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
2023-07-10 14:22:28 +03:00
Charles-Edouard Brétéché
119d587f33
feat: add applyconfiguration-gen support ( #7768 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-07-10 15:23:25 +05:30
dependabot[bot]
d95a663a23
chore(deps): bump zgosalvez/github-actions-ensure-sha-pinned-actions ( #7796 )
...
Bumps [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions ) from 2.1.3 to 2.1.4.
- [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases )
- [Commits](555a30da26...f32435541e
2023-07-10 07:59:52 +00:00
Chip Zoller
4b5197d3ab
add missing step to install Kyverno CLI ( #7797 )
...
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
2023-07-10 07:07:38 +00:00
Chip Zoller
d937a13f25
add Hexagon as adopter via user-completed Google form ( #7794 )
...
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
2023-07-10 14:37:09 +08:00
Vishal Choudhary
d8c905a7f9
feat: add images to allowed variables in substitution ( #7787 )
2023-07-09 14:22:15 +02:00
Charles-Edouard Brétéché
5e56f51408
feat: add create user-info cli command ( #7780 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-07-07 12:32:09 +00:00
Charles-Edouard Brétéché
4a7f7ff30b
feat: add cli command ( #7778 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-07-07 11:17:24 +00:00
Charles-Edouard Brétéché
6d9d3b7f4c
fix: remove jmespath replace directive ( #7726 )
...
* fix: remove jmespath replace directive
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* master
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-07-07 10:22:26 +00:00
Paul N
faa50615d6
fix: admission controller rbac templating ( #7774 )
...
Fixes an regression introduced in #7633 where the helm template would render multiple
resources on the same line, resulting in invalid yaml.
This removes the hyphen in the template to ensure that each resource is
rendered on a new line
Signed-off-by: Paul Nicholson <brenix@gmail.com>
2023-07-07 11:36:42 +02:00
dependabot[bot]
210fdbbcc6
chore(deps): bump google.golang.org/grpc from 1.56.1 to 1.56.2 ( #7777 )
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.56.1 to 1.56.2.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.56.1...v1.56.2 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-07 07:34:53 +00:00
Mariam Fahmy
1fa20c6c46
Move fetchClusterPolicies() and fetchPolicies() to utils ( #7773 )
...
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
2023-07-07 09:05:11 +02:00
