mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00
Code Activity
2868 commits 16 branches 550 tags 288 MiB
Commit graph

54 commits

Author SHA1 Message Date
Jim Bugwadia
dcc7fff6ef Merge branch 'main' into 1298_fix_variable_validation 2020-11-25 12:27:01 -08:00
Jim Bugwadia
4c47d40a3c fix check for background mode 2020-11-25 10:11:59 -08:00
NoSkillGirl
40b40fb601 fixed attotaions for empty set 2020-11-25 11:50:53 +05:30
Jim Bugwadia
54f816c246 trim variable for context lookups 2020-11-24 17:48:54 -08:00
NoSkillGirl
3571260a9e added skipped policy in policy report 2020-11-19 15:03:15 +05:30
Shuting Zhao
943935ee1b properly deserialize anyPattern 2020-11-13 16:25:51 -08:00
shuting
5e07ecc5f3
Add Policy Report (#1229) 
* add report in cli

* policy report crd added

* policy report added

* configmap added

* added jobs

* added jobs

* bug fixed

* added logic for cli

* common function added

* sub command added for policy report

* subcommand added for report

* common package changed

* configmap added

* added logic for kyverno cli

* added logic for jobs

* added logic for jobs

* added logic for jobs

* added logic for cli

* buf fix

* cli changes

* count bug fix

* docs added for command

* go fmt

* refactor codebase

* remove policy controller for policyreport

* policy report removed

* bug fixes

* bug fixes

* added job trigger if needed

* job deletation logic added

* build failed fix

* fixed e2e test

* remove hard coded variables

* packages adde

* improvment added in jobs sheduler

* policy report yaml added

* cronjob added

* small fixes

* remove background sync

* documentation added for report command

* remove extra log

* small improvement

* tested policy report

* revert hardcoded changes

* changes for demo

* demo changes

* resource aggrigation added

* More changes

* More changes

* - resolve PR comments; - refactor jobs controller

* set rbac for jobs

* add clean up in job controller

* add short names

* remove application scope for policyreport

* move job controller to policyreport

* add report logic in command apply

* - update policy report types;  - upgrade k8s library; - update code gen

* temporarily comment out code to pass CI build

* generate / update policyreport to cluster

* add unit test for CLI report

* add test for apply - generate policy report

* fix unit test

* - remove job controller; - remove in-memory configmap; - clean up kustomize manifest

* remove dependency

* add reportRequest / clusterReportRequest

* clean up policy report

* generate report request

* update crd clusterReportRequest

* - update json tag of report summary; - update definition manifests; -  fix dclient creation

* aggregate reportRequest into policy report

* fix unit tests

* - update report summary to optional; - generate clusterPolicyReport; - remove reportRequests after merged to report

* remove

* generate reportRequest in kyverno namespace

* update resource filter in helm chart

* - rename reportRequest to reportChangeRequest; -rename clusterReportRequest to clusterReportChangeRequest

* generate policy report in background scan

* skip generating report change request if there's entry results

* fix results entry removal when policy / rule gets deleted

* rename apiversion from policy.kubernetes.io to policy.k8s.io

* update summary.* to lower case

* move reportChangeRequest to kyverno.io/v1alpha1

* remove policy report flag

* fix report update

* clean up policy violation CRD

* remove violation CRD from manifest

* clean up policy violation code - remove pvGenerator

* change severity fields to lower case

* update import library

* set report category

Co-authored-by: Yuvraj <yuvraj.yad001@gmail.com>
Co-authored-by: Yuvraj <10830562+evalsocket@users.noreply.github.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
 2020-11-09 11:26:12 -08:00
Jim Bugwadia
1f24ea6f75
fix regex for allowed variable to support spaces (#1200) 
* fix regex for allowed variable to support spaces

* remove log

* fix regex
 2020-10-19 12:36:55 -07:00
Jim Bugwadia
ae0c09a05c remove ContextEntry.path (prototype for API server lookup) 2020-10-14 18:48:23 -07:00
Jim Bugwadia
4ea1126fce remove docs and update README.md 2020-10-14 17:39:45 -07:00
Shuting Zhao
cdc5190c56 update nirmata/kyverno to kyverno/kyverno 2020-10-07 11:12:31 -07:00
Pooja Singh
7fc0eaaee3
added condition for exclude selector (#1169) 
* added exclude selector condition

* small fix
 2020-10-06 14:27:40 -07:00
Mohan B E
a1081c8f82
fixed policy validationa and patch strategic merge bug (#1136) 2020-09-18 12:18:13 -07:00
Mohan B E
118b40c644
added invalid field validation for policy (#1094) 2020-09-03 22:14:54 +05:30
Mohan B E
3690bf5fff
conditional anchor preprocessing for patch strategic merge (#1090) 
* conditional anchor preprocessing for patch strategic merge

* modified sequence pre processing and added unit test

* merged master

* go fmt

* corrected mistake and added error handling to policy validate
 2020-09-01 09:12:05 -07:00
Mohan B E
a827f88dc7
resolved conditional anchor issue and added validation to pattern labels (#1060) 
* resolved conditional anchor issue and added validation to pattern labels

* restored IsConditionAnchor

* added annotation and anypattern validation

* added conditional anchor key checker

* reverted docs

* fixed tests

* modified validation

* modified validate condition check
 2020-08-28 18:22:22 -07:00
Pooja Singh
8105e4cad8
Allowing only few variables in the policies (#1063) 
* Checking for non whitelisted variables in the policy

* method name change

* small issue while rebasing
 2020-08-23 15:11:03 -07:00
Pooja Singh
2717a03ab2
Not checking for cluster resources for CLI in policy validate (#1076) 2020-08-21 23:07:54 +05:30
Mohan B E
f60deecdce
Feature/namespaced policy 280 (#1058) 
* namespaced policy crd and cache

* modified main.go

* removed kyverno

* implemented policy violation generator for namespaced policy on audit

* modified cache

* added validation for cluster resource types

* install.yaml

* install.yaml

* removed namespaces from crd and refactored code

* modified NamespacePolicy to Policy

* added ClusterRole aggregate for policies

* modified clusterrole
 2020-08-19 09:07:23 -07:00
shravan
6b1498b770 744 fixing policy validation and removing allRequests field 2020-05-06 19:46:32 +05:30
shravan
1b2868620e 744 fixing tests and making sure policy with variables that are not request.object are not allowed in background mode 2020-05-06 00:29:40 +05:30
shravan
f8f27cea18 744 fixing policy validation 2020-04-27 22:01:33 +05:30
shravan
f839f27b41 Merge branch 'master' into 744_deny_requests 2020-04-27 15:12:35 +05:30
shravan
0a65a66cc0 823 tested prototype 2020-04-27 15:05:10 +05:30
shravan
7dc7420ad9 744 policy validation skip 2020-04-23 01:05:00 +05:30
shravan
4cb44bce09 744 save commit 2020-04-14 19:06:48 +05:30
shravan
b6f01db0b1 744 resolve merge conflicts 2020-04-13 20:31:40 +05:30
shravan
2451756651 744 tested prototype 2020-04-10 23:24:54 +05:30
shravan
d4baf44fd9 753 practical test fixes 2020-04-04 16:18:36 +05:30
shravan
dd0f3d140e 753 resolving merge conflicts 2020-04-04 15:55:19 +05:30
shravan
fde5e5490f 753 testcase and fixes 2020-04-04 14:49:50 +05:30
shravan
0b2aa90444 753 new req save commit 2020-04-04 12:46:51 +05:30
shravan
bbeefb955b 778 tested prototype 2020-04-01 19:06:13 +05:30
shravan
20b161a270 765 resolved merge conflicts 2020-03-29 09:09:26 +05:30
shravan
91223deae2 754 resolved merge conflicts 2020-03-28 16:43:19 +05:30
shravan
b5af456f64 Revert "754 merge conflicts" 
This reverts commit 39f75db435.
 2020-03-28 16:36:19 +05:30
shravan
39f75db435 754 merge conflicts 2020-03-28 16:30:18 +05:30
shravan
6efe0252a3 765 save commit 2020-03-27 19:06:06 +05:30
shravan
4cf29adccd 754 works as intended - more changes required related to locks .etc 2020-03-24 23:12:45 +05:30
shravan
dfbf247ad8 753 circle ci fixes 2020-03-20 20:35:26 +05:30
shravan
fac7a15d7d 753 prototype changes 2020-03-20 20:23:34 +05:30
shravan
7c5a2aa438 754 save commit 2020-03-19 20:45:30 +05:30
shivkumar dudhani
e6e5bbb603 Merge branch 'master' into access_check 2020-03-17 17:23:18 -07:00
shivkumar dudhani
b1063a95e1 refactor & validate operations for generate rules in PolicyValidation 2020-03-11 18:14:23 -07:00
shravan
888d2ae171 522 save commit 2020-03-04 19:16:26 +05:30
shravan
39ac8391c6 658 prototype with testcases 2020-02-26 16:08:56 +05:30
shivkumar dudhani
9b38289a84 remove openapi validation(manual revert) 2020-02-20 15:09:20 -08:00
Shivkumar Dudhani
d88b0bf2e4
Merge branch 'master' into 671_cleanUp_generate 2020-02-18 15:00:59 -08:00
shivkumar dudhani
468f7954ab Merge branch 'master' of https://github.com/shubham-asati/kyverno into shubham-asati-master 2020-02-18 14:53:41 -08:00
shivkumar dudhani
2cd4884b62 Merge branch 'master' into 671_cleanUp_generate 2020-02-14 12:06:01 -08:00