Frank Jogeleit
cfef8a089a
init controller-gen support for oneOf and not ( #10776 )
...
Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-08-02 22:19:35 +00:00
Charles-Edouard Brétéché
2ead7fb8f6
test: add chainsaw tests for reports generated by policy using an assertion tree ( #10779 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-08-02 19:43:15 +00:00
Mariam Fahmy
ce7e570268
fix: set all operations by default in the generated VAP ( #10100 )
...
* fix: set all operations by default in the generated VAP
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix chainsaw test
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-08-02 14:12:42 +00:00
Mariam Fahmy
9d28116eb4
fix: allow exceptions to match Pod/ephemeralcontainers by default ( #10778 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-08-02 12:47:09 +00:00
Charles-Edouard Brétéché
a1510d9db1
feat: add more policy validation around policies using kyverno-json ( #10777 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-08-02 14:47:03 +03:00
Charles-Edouard Brétéché
fc694bc24c
feat: add kyverno json support to validation rule ( #10763 )
...
* feat: add kyverno json support to validation rule
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* v2beta1
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* validation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* engine handler
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* bindings
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* context functions
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* better bindings
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-08-02 08:24:30 +00:00
dependabot[bot]
5c04256a4a
chore(deps): bump cbrgm/cleanup-stale-branches-action ( #10775 )
...
Bumps [cbrgm/cleanup-stale-branches-action](https://github.com/cbrgm/cleanup-stale-branches-action ) from 1.1.19 to 1.1.20.
- [Release notes](https://github.com/cbrgm/cleanup-stale-branches-action/releases )
- [Commits](03d7d18e1a...3a038290b5
2024-08-02 07:33:39 +00:00
Mariam Fahmy
6d732d28c7
fix: get ns labels before creating a policy context ( #10773 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-08-02 05:14:36 +03:00
Charles-Edouard Brétéché
e004d8ae8d
chore: bump chainsaw ( #10687 )
...
* chore: bump chainsaw
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* bump
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* v0.2.8-beta.1
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* v0.2.8-beta.2
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* beta 3
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cli
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-07-31 15:50:20 +00:00
Charles Uneze
7a6fee648b
Add kyverno helm repo ( #10758 )
...
Signed-off-by: Charles Uneze <charlesniklaus@gmail.com>
2024-07-31 13:11:52 +00:00
Lavish Pal
7efb8a7c65
Move Nancy scan to a periodic job ( #10725 )
...
Signed-off-by: Lavish pal <lvishpal408@gmail.com>
2024-07-31 08:32:29 +00:00
dependabot[bot]
c9103a11bb
chore(deps): bump github.com/docker/docker ( #10750 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 26.1.3+incompatible to 26.1.4+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v26.1.3...v26.1.4 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-07-30 18:07:40 +00:00
Charles-Edouard Brétéché
b63062e72f
chore: bump kyverno-json ( #10753 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-07-30 16:20:53 +00:00
Charles-Edouard Brétéché
2f0ef30089
chore: bump kyverno-json ( #10752 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-07-30 15:01:09 +00:00
dependabot[bot]
e9b0d26b05
chore(deps): bump github.com/onsi/gomega from 1.34.0 to 1.34.1 ( #10747 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.34.0 to 1.34.1.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.34.0...v1.34.1 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-30 13:14:55 +00:00
Khaled Emara
d173752041
feat(json): unmarshal once per policy ( #10701 )
...
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-07-30 10:52:41 +00:00
dependabot[bot]
74e17cc629
chore(deps): bump golangci/golangci-lint-action from 6.0.1 to 6.1.0 ( #10746 )
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 6.0.1 to 6.1.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](a4f60bb28d...aaa42aa062
2024-07-30 16:45:14 +08:00
dependabot[bot]
7232d8e57e
chore(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 ( #10742 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.3.3 to 2.4.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](dc50aa9510...62b2cac7ed
2024-07-29 16:18:20 +00:00
dependabot[bot]
6aba51564d
chore(deps): bump github/codeql-action from 3.25.14 to 3.25.15 ( #10743 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.14 to 3.25.15.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](5cf07d8b70...afb54ba388
2024-07-29 15:20:44 +00:00
Khaled Emara
0aeb32df3b
feat(autogen): use static bytes instead of string ( #10723 )
...
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-07-29 13:46:11 +00:00
Khaled Emara
c2646f7a9d
feat(json): reduce reliance on DocumentToUntyped() ( #10724 )
...
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-07-29 11:57:20 +00:00
dependabot[bot]
70c1dc6a06
chore(deps): bump github.com/onsi/gomega from 1.33.1 to 1.34.0 ( #10732 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.33.1 to 1.34.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.33.1...v1.34.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-29 08:40:45 +00:00
dependabot[bot]
7c730aee6f
chore(deps): bump sigstore/scaffolding from 0.7.4 to 0.7.5 ( #10744 )
...
Bumps [sigstore/scaffolding](https://github.com/sigstore/scaffolding ) from 0.7.4 to 0.7.5.
- [Release notes](https://github.com/sigstore/scaffolding/releases )
- [Changelog](https://github.com/sigstore/scaffolding/blob/main/release.md )
- [Commits](26f31cb72c...634364a897
2024-07-29 15:50:53 +08:00
Mariam Fahmy
734f1df059
fix: check the resource namespace ( #10738 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-07-26 21:45:54 +08:00
Ammar Yasser
f618717f75
fix: Check for the client being nil before applying a mutation ( #10726 )
...
Signed-off-by: aerosouund <aerosound161@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-07-26 10:49:51 +00:00
dependabot[bot]
8109f2194e
chore(deps): bump sigs.k8s.io/release-utils from 0.8.3 to 0.8.4 ( #10733 )
...
Bumps [sigs.k8s.io/release-utils](https://github.com/kubernetes-sigs/release-utils ) from 0.8.3 to 0.8.4.
- [Release notes](https://github.com/kubernetes-sigs/release-utils/releases )
- [Commits](https://github.com/kubernetes-sigs/release-utils/compare/v0.8.3...v0.8.4 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/release-utils
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-26 09:09:20 +00:00
dependabot[bot]
8dadebb2ea
chore(deps): bump github/codeql-action from 3.25.13 to 3.25.14 ( #10731 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.13 to 3.25.14.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2d790406f5...5cf07d8b70
2024-07-26 16:20:37 +08:00
Mariam Fahmy
716611b7ea
fix: return all the exceptions that match the incoming resource ( #10722 )
...
* fix: return all the exceptions that match the incoming resource
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: modify log messages
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-07-25 17:36:19 +00:00
Jim Bugwadia
2855d27ce4
change security to point to org repo ( #10716 )
...
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2024-07-25 07:40:38 +00:00
Korada Vishal
ca17cb2c6f
Improved test covergae for forceMutate ( #10103 )
...
Signed-off-by: Vishal K <korada.vishal.phe22@itbhu.ac.in>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-07-24 10:43:07 +00:00
dependabot[bot]
f539e854be
chore(deps): bump github.com/cyphar/filepath-securejoin ( #10713 )
...
Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin ) from 0.3.0 to 0.3.1.
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases )
- [Changelog](https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md )
- [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.3.0...v0.3.1 )
---
updated-dependencies:
- dependency-name: github.com/cyphar/filepath-securejoin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-24 09:02:52 +00:00
Geetha Madhuri Bojanki
f9a8388c14
Updated the outdated example mentioned in Development.md file with latest one ( #10706 )
...
* Updated Expose the endpoint on a local port section in DEVELOPMENT.md file
Signed-off-by: Geetha Madhuri <geetha.bojanki@infosys.com>
* Updated the outdated example mentioned in Development.md file with latest one
Signed-off-by: Geetha Madhuri <geetha.bojanki@infosys.com>
---------
Signed-off-by: Geetha Madhuri <geetha.bojanki@infosys.com>
2024-07-24 07:18:39 +00:00
dependabot[bot]
db45329cd6
chore(deps): bump docker/login-action from 3.2.0 to 3.3.0 ( #10704 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](0d4c9c5ea7...9780b0c442
2024-07-23 10:10:59 +00:00
dependabot[bot]
2f9f33183f
chore(deps): bump sigs.k8s.io/kustomize/api from 0.17.2 to 0.17.3 ( #10696 )
...
Bumps [sigs.k8s.io/kustomize/api](https://github.com/kubernetes-sigs/kustomize ) from 0.17.2 to 0.17.3.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases )
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/api/v0.17.2...api/v0.17.3 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-23 17:16:06 +08:00
dependabot[bot]
0421c44659
chore(deps): bump sigs.k8s.io/kustomize/kyaml from 0.17.1 to 0.17.2 ( #10695 )
...
Bumps [sigs.k8s.io/kustomize/kyaml](https://github.com/kubernetes-sigs/kustomize ) from 0.17.1 to 0.17.2.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases )
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/api/v0.17.1...api/v0.17.2 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/kyaml
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-22 10:34:31 +00:00
dependabot[bot]
af8d4f9260
chore(deps): bump github/codeql-action from 3.25.12 to 3.25.13 ( #10697 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.12 to 3.25.13.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4fa2a79536...2d790406f5
2024-07-22 07:14:22 +00:00
dependabot[bot]
974da43c55
chore(deps): bump k8s.io/cli-runtime from 0.30.2 to 0.30.3 ( #10690 )
...
Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime ) from 0.30.2 to 0.30.3.
- [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.30.2...v0.30.3 )
---
updated-dependencies:
- dependency-name: k8s.io/cli-runtime
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-21 21:57:21 +00:00
shuting
0abaa4106c
add 1.12.6 ( #10691 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-07-19 13:06:31 +00:00
Laurent Lavaud
04f4fc9a89
fix(helm): remove namespace from RoleBinding/roleRef field ( #10685 )
...
- namespace is not a valid parameter for a RoleBinding/roleRef field
Signed-off-by: Laurent Lavaud <laurent.lavaud@mirakl.com>
2024-07-19 11:56:11 +00:00
dependabot[bot]
5f258c47d2
chore(deps): bump k8s.io/client-go from 0.30.2 to 0.30.3 ( #10689 )
...
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go ) from 0.30.2 to 0.30.3.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kubernetes/client-go/compare/v0.30.2...v0.30.3 )
---
updated-dependencies:
- dependency-name: k8s.io/client-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-19 09:49:18 +00:00
shuting
e9424a1be3
extend timestamp ( #10679 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-07-19 16:59:28 +08:00
shuting
90b24c70e5
disable up cleanup crobjob ( #10678 )
...
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-07-18 11:06:47 +00:00
dependabot[bot]
bdf9613572
chore(deps): bump k8s.io/apimachinery from 0.30.2 to 0.30.3 ( #10676 )
...
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery ) from 0.30.2 to 0.30.3.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.30.2...v0.30.3 )
---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-18 09:19:55 +00:00
dependabot[bot]
1f0ce82d11
chore(deps): bump k8s.io/api from 0.30.2 to 0.30.3 ( #10674 )
...
Bumps [k8s.io/api](https://github.com/kubernetes/api ) from 0.30.2 to 0.30.3.
- [Commits](https://github.com/kubernetes/api/compare/v0.30.2...v0.30.3 )
---
updated-dependencies:
- dependency-name: k8s.io/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-18 15:36:46 +08:00
dependabot[bot]
279895c600
chore(deps): bump github.com/cyphar/filepath-securejoin ( #10652 )
...
Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin ) from 0.2.5 to 0.3.0.
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases )
- [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.2.5...v0.3.0 )
---
updated-dependencies:
- dependency-name: github.com/cyphar/filepath-securejoin
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-17 16:31:08 +00:00
dependabot[bot]
d738d1fef4
chore(deps): bump github.com/google/go-containerregistry ( #10670 )
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.20.0 to 0.20.1.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.20.0...v0.20.1 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-07-17 15:33:07 +00:00
dependabot[bot]
c977844b39
chore(deps): bump github/codeql-action from 3.25.11 to 3.25.12 ( #10662 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.11 to 3.25.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b611370bb5...4fa2a79536
2024-07-17 14:43:22 +00:00
dependabot[bot]
01bcbbce47
chore(deps): bump cbrgm/cleanup-stale-branches-action ( #10661 )
...
Bumps [cbrgm/cleanup-stale-branches-action](https://github.com/cbrgm/cleanup-stale-branches-action ) from 1.1.18 to 1.1.19.
- [Release notes](https://github.com/cbrgm/cleanup-stale-branches-action/releases )
- [Commits](d0f8b6440d...03d7d18e1a
2024-07-17 12:09:03 +00:00
Jim Bugwadia
8a01d6db31
update governance ( #10669 )
...
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2024-07-17 07:09:46 +00:00
Mariam Fahmy
f3c9be9d0f
chore: rename deprecated chainsaw tests ( #10668 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-07-17 04:52:38 +00:00
