mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 07:57:07 +00:00
Code Activity
4831 commits 20 branches 550 tags 288 MiB
Commit graph

19 commits

Author SHA1 Message Date
Charles-Edouard Brétéché
d2658a1bc8
refactor: support Audit and Enforce validation failure actions (#5152) 
* feat: remove policy mutation code

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: support Audit and Enforce failure actions

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* typo

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* update changelog

Signed-off-by: ShutingZhao <shuting@nirmata.com>

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
 2022-11-01 09:56:52 +00:00
shuting
cf2b8dafa6
skip generating events on empty rule response (#5158) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>

Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2022-10-27 08:34:55 +00:00
Charles-Edouard Brétéché
c4b3301ab0
fix: go routines not gracefully shut down in controllers (#5022) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
 2022-10-19 08:54:48 +00:00
Vyankatesh Kudtarkar
f5748b1e70
remove RBACInfo check (#5015) 2022-10-17 14:47:06 +00:00
Charles-Edouard Brétéché
6270d40f50
fix: global anchor warning (#4962) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2022-10-17 17:15:57 +05:30
Vyankatesh Kudtarkar
f3e40efcd7
fix principal and role variables are not substituted (#5000) 2022-10-17 05:16:14 +00:00
XDRAGON2002
03c41e7746
[Cleanup] Disable PolicySkipped events (#4913) 
* remove skip events

Signed-off-by: Anant Vijay <anantvijay3@gmail.com>

* update conditions

Signed-off-by: Anant Vijay <anantvijay3@gmail.com>

* improve conditions

Signed-off-by: Anant Vijay <anantvijay3@gmail.com>

* remove redundant function

Signed-off-by: Anant Vijay <anantvijay3@gmail.com>

Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-10-13 08:32:20 +00:00
shuting
e75b57e635
skip succeed rules when building the blocked return message (#4804) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>

Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2022-10-04 10:34:37 +00:00
Charles-Edouard Brétéché
e0ab72bb9a
feat: reports v2 implementation (#4608) 
This PR refactors the reports generation code.
It removes RCR and CRCR crds and replaces them with AdmissionReport, ClusterAdmissionReport, BackgroundScanReport and ClusterBackgroundScanReport crds.

The new reports system is based on 4 controllers:

Admission reports controller is responsible for cleaning up admission reports and attaching admission reports to their corresponding resource in case of a creation
Background scan reports controller is responsible for creating background scan reports when a resource and/or policy changes
Aggregation controller takes care of aggregation per resource reports into higher level reports (per namespace)
Resources controller is responsible for watching reports that need background scan reports
I added two new flags to disable admission reports and/or background scan reports, the whole reporting system can be disabled if something goes wrong.

I also added a flag to split reports in chunks to avoid creating too large resources.

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
Co-authored-by: prateekpandey14 <prateek.pandey@nirmata.com>
 2022-09-28 17:15:16 +05:30
Charles-Edouard Brétéché
20b8697ad8
refactor: move mutation handler out of webhooks package (#4567) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-09 12:48:29 +02:00
Charles-Edouard Brétéché
e900815dc0
refactor: move validation handler out of webhooks package (#4556) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-09 07:52:38 +00:00
Charles-Edouard Brétéché
3e5645dd32
refactor: make webhook metrics helpers static (#4554) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-09 07:11:16 +03:00
Charles-Edouard Brétéché
16c2d880c8
refactor: move webhook events utils in utils package (#4545) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-08 18:10:27 +02:00
Charles-Edouard Brétéché
3b556abe63
chore: add unit test for updating ur status (#4541) 
* fix: defer ur update until validation passes

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* chore: add unit test for updating ur status

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-08 21:59:51 +08:00
Charles-Edouard Brétéché
ed31fb0326
refactor: introduce ur updater (#4535) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-08 20:07:18 +08:00
Charles-Edouard Brétéché
f0fa50b27e
refactor: webhook block and unit tests (#4531) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-08 08:36:31 +00:00
Charles-Edouard Brétéché
8e33532b38
refactor: webhook exclusion and unit tests (#4528) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-08 06:19:18 +00:00
Charles-Edouard Brétéché
c8bbb5bead
refactor: utils for warnings and unit tests (#4523) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-07 14:01:42 +00:00
Charles-Edouard Brétéché
ae31378546
refactor: webhook policy context creation (#4480) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-01 16:52:36 +02:00