Mariam Fahmy
2016f82600
chore: use v1 of VAPs in the tests ( #11929 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2025-01-15 14:08:35 +00:00
Charles-Edouard Brétéché
823661e4af
fix: sorting in fix test command ( #11869 )
2025-01-08 13:30:15 +00:00
Vishal Choudhary
f51a49fcaf
fix: update chainsaw test apply timeout to 30s ( #11794 )
...
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-12-20 09:59:42 +00:00
Ammar Yasser
739e6a21c4
Mutate existing CLI support ( #11453 )
...
* feat: Add flags for target resources and add fake client initialization
Signed-off-by: aerosouund <aerosound161@gmail.com>
* feat: Add fake discovery client and cluster bool in the policy processor
Signed-off-by: aerosouund <aerosound161@gmail.com>
* refactor: Use the full mutation engine policy response in the engine response
Signed-off-by: aerosouund <aerosound161@gmail.com>
* feat: Extract mutated targets from the policy responses and print them out
Signed-off-by: aerosouund <aerosound161@gmail.com>
* feat: Add TargetResources field in the cli test schema
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: Generate CLI crds
Signed-off-by: aerosouund <aerosound161@gmail.com>
* refactor: modify checkResult to take an arbitrary actual resource and resource name
Signed-off-by: aerosouund <aerosound161@gmail.com>
* refactor: change getAndCompareResource to take a resource name and cascade it to GetResourceFromPath
Signed-off-by: aerosouund <aerosound161@gmail.com>
* test: Create a simple test to test mutate existing in the CLI
Signed-off-by: aerosouund <aerosound161@gmail.com>
* refactor: Allow GetResourceFromPath to select a resource with a name from a multi resource yaml
Signed-off-by: aerosouund <aerosound161@gmail.com>
* refactor: Modify the runTest command to return the TestResponse type
- Create a fake client, load the target resources in it and use it in the PolicyProcessor.
- Create the TestResponse which contains Trigger and Target fields, each is a map of gvk/name to the responses corresponding to that resource.
Signed-off-by: aerosouund <aerosound161@gmail.com>
* refactor: Rewrite output.go to use the TestResponse type
- Check for both target and trigger
- Create logic for appending the resource array in case no resources are passed
- Move row creation logic into a separate method to avoid code duplication
- Extract the proper target resource based on rule type
- Create a function to extract mutated target from the engine response
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: Move tests to the correct folder
Signed-off-by: aerosouund <aerosound161@gmail.com>
* refactor: Use apiVersion/Kind/Name as the key in the test responses
Signed-off-by: aerosouund <aerosound161@gmail.com>
* refactor: Use the apiVersion/Kind/name key schema in checking results and fix invalid resource name checking for generate policies
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Use better variable names for rows
Signed-off-by: aerosouund <aerosound161@gmail.com>
* refactor: Account for Generate resources being an array
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Use generated resource name in checking the results and printing output
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: Uncomment checks printing
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Remove bug in engine response creation
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Move the generate logic into an else block
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Fix namespace fetching bug in cel validator
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Use pointer to int in the test counter
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: Remove redundant method
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Skip resources not being found in the manifests
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Create another field in the engine to denote if this is a cluster engine or an offline engine
Simply checking for the client being nil is no longer enough because for cli operations the client will be a fake client
A pointer to bool is chosen because callers who don't necessarily know what to pass should be able to pass nil
Signed-off-by: ammar <ammar.yasser@vodafone.com>
* fix: Add extra argument in fake client initiation
Signed-off-by: ammar <ammar.yasser@vodafone.com>
* fix: add extra argument in fuzz test
Signed-off-by: ammar <ammar.yasser@vodafone.com>
* fix: Add extra arg
Signed-off-by: ammar <ammar.yasser@vodafone.com>
* fix: Handle resources specified as ns/name as this schema will be deprecated in favor of apiVersion/Kind/Name
Signed-off-by: ammar <ammar.yasser@vodafone.com>
* fix: Fix linter complaints
Signed-off-by: ammar <ammar.yasser@vodafone.com>
* fix: Use comma separation as array separators as kubernetes names don't support commas
To avoid undefined array length on splitting on /
using commas will result in a fixed length since all resources will have an apiVersion, kind, namespace and name
Signed-off-by: aerosouund <aerosound161@gmail.com>
* refactor: Change resource array type to an array of any instead of array of string
To support the use of a string or a TestResourceSpec
Signed-off-by: aerosouund <aerosound161@gmail.com>
* refactor: Expect the resource array to be an array of string or array of TestResourceSpec
Assert that an array element is either of these types and match the resources in both cases according to the element type
Expect that the key in responses is now separated by commas instead of slashes
Signed-off-by: aerosouund <aerosound161@gmail.com>
* refactor: Expect that the resource array is now of type array of any and modify tests that use it
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Skip response check if the policy name isnt whats in the result
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Match the name if its specified as ns/name
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Fix linter complaint
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: Run codegen
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: Create CLI CRDs
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: Run codegen
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Fix linter complaints
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Cleanup invalid code used in FixTest to adapt it to the schema changes
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Check if resource is nil before extracting
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: use the loadResources method to open targets in a directory
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Account for target resources with the same name but different namespaces
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Add CLI test for mutate existing with the same name
Signed-off-by: aerosouund <aerosound161@gmail.com>
* refactor: Infer resource name and namespace from the actual resource and account for resources with the same name and namespace but different kinds
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: remove extra line
Signed-off-by: aerosouund <aerosound161@gmail.com>
* feat: Add printing mutate existing resources to the output or to a file
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: Minor fixes
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: fix linter complaint
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: codegen
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Revert result back to error
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Use io discard to not print resources in the test command
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: Update vague comments and remove outdated ones
Signed-off-by: aerosouund <aerosound161@gmail.com>
* refactor: Integrate mutate existing changes with diff generation
Signed-off-by: aerosouund <aerosound161@gmail.com>
* refactor: Move resource key generation into a function
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: Add a mutate existing test that fails
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: fix linter complaint
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: Remove redundant comment
Signed-off-by: aerosouund <aerosound161@gmail.com>
* refactor: Fix array of any assignment in cli test
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Dont check duplicate strings for field that is an array of any
Signed-off-by: aerosouund <aerosound161@gmail.com>
* bug: Fix appending to the wrong array
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: run fix tests
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: Run fix tests
Signed-off-by: aerosouund <aerosound161@gmail.com>
---------
Signed-off-by: aerosouund <aerosound161@gmail.com>
Signed-off-by: ammar <ammar.yasser@vodafone.com>
Signed-off-by: Ammar Yasser <aerosound161@gmail.com>
Co-authored-by: ammar <ammar.yasser@vodafone.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-12-19 07:42:54 +00:00
Mohd Kamaal
e771896541
distributed labels in group, version, and resource so it doesn't exceed ( #11620 )
...
* change label to hash if exceed 63 limit char
Signed-off-by: Mohd Kamaal <mohdkamaal2019@gmail.com>
* Distribute GVR labels into 'group', 'version', and 'resource' to avoid exceeding character limits
Signed-off-by: Mohd Kamaal <mohdkamaal2019@gmail.com>
---------
Signed-off-by: Mohd Kamaal <mohdkamaal2019@gmail.com>
Co-authored-by: Kamaal <kamaal@macs-MacBook-Air.local>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-12-16 10:36:34 +05:30
Vishal Choudhary
174534b518
fix: properly verify precondition in old object validation ( #11644 )
...
* fix: properly verify precondition in old object validation
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: assert bug
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: properly update the values
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-12-04 06:32:12 +00:00
Vishal Choudhary
ec658b7abf
fix: api call chainsaw tests ( #11682 )
...
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-12-02 15:46:37 +00:00
Mariam Fahmy
f36d5410ea
fix: check the patchedResources in kyverno-test ( #11686 )
...
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-12-02 12:59:12 +00:00
Nishanth Reddy
95baeaa4e9
fix: return nil error when trigger resource not found for a subresouces ( #11594 )
...
* fix: return nil error when trigger resource not found for a subresource kind
Signed-off-by: Nishanth Reddy <nishanth.reddy@doordash.com>
* chore(deps): bump codecov/codecov-action from 4.6.0 to 5.0.0 (#11597 )
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.6.0 to 5.0.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](b9fd7d16f6...968872560f#11596 )
Bumps [sigs.k8s.io/structured-merge-diff/v4](https://github.com/kubernetes-sigs/structured-merge-diff ) from 4.4.1 to 4.4.3.
- [Release notes](https://github.com/kubernetes-sigs/structured-merge-diff/releases )
- [Changelog](https://github.com/kubernetes-sigs/structured-merge-diff/blob/master/RELEASE.md )
- [Commits](https://github.com/kubernetes-sigs/structured-merge-diff/compare/v4.4.1...v4.4.3 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/structured-merge-diff/v4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix: use generate name for background scan reports (#11586 )
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
* chore(deps): bump github/codeql-action from 3.27.3 to 3.27.4 (#11598 )
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.3 to 3.27.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](396bb3e453...ea9e4e3799#11498 )
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
* add chainsaw tests
* add kubectl-evict to githubpath
* add readme
---------
Signed-off-by: Nishanth Reddy <nishanth.reddy@doordash.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Khaled Emara <khaled.emara@nirmata.com>
2024-11-20 15:41:06 +08:00
Netanel Kadosh
cef7be1fdc
feat: Add Manifest Index to ImageRegistry context ( #9883 )
...
* feat: Add Manifest Index to ImageRegistry context
Signed-off-by: Netanel Kadosh <kadoshnetanel@gmail.com>
* test: adding manifest list tests
Signed-off-by: Netanel Kadosh <kadoshnetanel@gmail.com>
---------
Signed-off-by: Netanel Kadosh <kadoshnetanel@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-11-14 08:10:25 +00:00
Vishal Choudhary
b35aaab898
fix: match failure action case insensitively for validating old object ( #11486 )
...
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-11-07 00:10:56 +08:00
Khaled Emara
f07007f864
fix(validate): custom match conditions errors ( #11461 )
...
* fix(validate): custom match conditions errors
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* test(webhook): failing match conditions
---------
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-11-05 11:59:09 +00:00
Mariam Fahmy
646267b229
fix: add celPreconditions in autogen rules ( #11503 )
2024-10-31 14:12:22 +00:00
Vishal Choudhary
34dc0e52a2
fix: use digest instead of tag for custom-sigstore-tuf conformance test ( #11492 )
...
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-10-30 14:42:20 +00:00
Khaled Emara
0b6d053545
feat(ci): enhance load testing ( #11429 )
...
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-10-18 10:20:12 +00:00
Ammar Yasser
9a8e35d787
Selector with mutate target ( #11208 )
...
* feature: Add LabelSelector as a field of resource spec to allow fetching by labels
Signed-off-by: aerosouund <aerosound161@gmail.com>
* chore: Generate CRDs
Signed-off-by: aerosouund <aerosound161@gmail.com>
* feat: Add the capability to fetch with label selector
- Add the label selector as a parameter to GetResources of the engine api client and the dclient.
- Use the label selector with list options in the dclient.
- convert a metav1.LabelSelector to a labels.Selector before fetching to be able to convert it to a string to be used with ListOptions.
Signed-off-by: aerosouund <aerosound161@gmail.com>
* feat: Pass label selector to the GetResources method
Signed-off-by: aerosouund <aerosound161@gmail.com>
* feat: Return the resource selector when resolving spec
Signed-off-by: aerosouund <aerosound161@gmail.com>
* fix: Instantiate the fake client schema using the passed gvrToListKind map and by inferring schema from passed resources
All tests that use List will fail because the fake client doesn't infer the schema from the passed resources.
gvrToListKind can't be fully deprecated as some parts of kyverno use the fake client without passing resources to it (resource generation). And so both approaches have to be supported.
References:
- https://github.com/kubernetes/client-go/issues/983
- 46c1ad3baa
2024-10-16 11:17:08 +00:00
Vishal Choudhary
a7dd02a6d1
feat: update engine response.generatedResources to support multiple resource ( #11398 )
...
* fix: manually add generated_resources property
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: update engine response
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: nil check before deferences
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: outdated errors
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: linter
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-10-15 14:59:18 +08:00
Charles-Edouard Brétéché
6dc328fb0c
chore: add delay after policy gets ready ( #11344 )
...
* chore: add delay after policy gets ready
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* Update test/conformance/chainsaw/_step-templates/policy-ready.yaml
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-10-14 11:39:43 +00:00
Shivam Kumar
1114f0af36
Added chainsaw test for the ttl based cleanup poliy ( #11328 )
...
* Added chainsaw test for the ttl based cleanup poliy
Signed-off-by: ShivamJha2436 <shivamkumar87148@gmail.com>
* Updated the ttl/propagation-policy chainsaw test structure
Signed-off-by: ShivamJha2436 <shivamkumar87148@gmail.com>
* Enhanced the chainsaw tests for the ttl/propagation-policy
Signed-off-by: ShivamJha2436 <shivamkumar87148@gmail.com>
* orphan
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* Update test/conformance/chainsaw/ttl/propagation-policy/orphan/chainsaw-test.yaml
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* Improved chainsaw tests for foreground and background propagation policies
Signed-off-by: ShivamJha2436 <shivamkumar87148@gmail.com>
* Fix background policy test: assert pod is deleted after job removal
Signed-off-by: ShivamJha2436 <shivamkumar87148@gmail.com>
* Fix: changed pod-deleted-assert.yaml to pod-assert.yaml in the foreground
Signed-off-by: ShivamJha2436 <shivamkumar87148@gmail.com>
* Change assert to error check for pod deletion in foreground test
Signed-off-by: ShivamJha2436 <shivamkumar87148@gmail.com>
* Removed the pod-deleted-assert.yaml file
Signed-off-by: ShivamJha2436 <shivamkumar87148@gmail.com>
---------
Signed-off-by: ShivamJha2436 <shivamkumar87148@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-10-07 19:25:33 +00:00
Vishal Choudhary
00fd6d47f8
fix: transfer image verify iamges to kyverno ( #11340 )
...
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2024-10-07 15:56:12 +00:00
Charles-Edouard Brétéché
4abdbff74a
chore: use more chainsaw step templates ( #11324 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-10-07 11:44:33 +00:00
Vishal Choudhary
026791d117
fix: add permission for mutate existing report test ( #11339 )
...
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
2024-10-07 11:07:14 +00:00
Charles-Edouard Brétéché
db7584c417
chore: use more chainsaw step templates ( #11317 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-10-04 12:54:39 +03:00
Charles-Edouard Brétéché
9914675674
chore: use more chainsaw step templates ( #11313 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-10-03 15:08:36 +00:00
Charles-Edouard Brétéché
f9724778b1
chore: bump chainsaw ( #11280 )
...
* chore: bump chainsaw
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* policy lib
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more changes
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* 2.11
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* shards
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-10-03 19:08:02 +05:30
Charles-Edouard Brétéché
df267dd829
chore: use more chainsaw step templates ( #11311 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-10-03 11:56:30 +00:00
Charles-Edouard Brétéché
decb7524eb
chore: use more chainsaw step templates ( #11308 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-10-03 13:53:14 +03:00
Charles-Edouard Brétéché
12d5223d56
chore: use more chainsaw step templates ( #11303 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-10-03 09:57:40 +00:00
Charles-Edouard Brétéché
6870d8fdf8
chore: use more chainsaw step templates ( #11300 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-10-03 08:36:30 +00:00
Charles-Edouard Brétéché
97f2d25aaa
chore: use more chainsaw step templates ( #11296 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-10-03 09:10:11 +03:00
Charles-Edouard Brétéché
778d81a865
chore: use more chainsaw step templates ( #11293 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-10-02 18:55:38 +00:00
Charles-Edouard Brétéché
fa36573f85
feat: use more chainsaw test templates ( #11285 )
...
* feat: use more chainsaw test templates
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-10-02 15:25:04 +00:00
Vishal Choudhary
fe49e97fba
feat: add reporting to mutate and generate rules ( #11265 )
...
* feat: add reports to standard mutatation
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add warnings for permissions
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: remove unnecessary fields
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add reporting to generate and mutate existing
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add reporting to generate and mutate existing
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: codegen and add generate tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: linter
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: e2e matrix
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: cleanup
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-10-02 12:05:05 +00:00
Charles-Edouard Brétéché
7113aa111a
feat: use more chainsaw test templates ( #11281 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-10-01 20:46:10 +00:00
shuting
1af0fc5244
fix: overwrite the managed-by label for target resources ( #11267 )
...
* feat: overwrite managed-by label on the target generated resources
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: add chainsaw test
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: update e2e test matrix
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-09-30 13:28:11 +00:00
shuting
2d601a0830
feat: allow generate pattern changes ( #11202 )
...
* chore: remove duplicate test steps
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: remove validation checks upon generate policy changes
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: return nil
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: chainsaw tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: restrict rule spec changes except for generate pattern
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: rename tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: upadte e2e matrix
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-09-24 14:11:14 +00:00
Mariam Fahmy
8eb081475e
fix: skip processing the oldObject for audit policies ( #10233 )
...
* fix: skip processing the oldObject for audit policies
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: modify error and skip messages
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: modify the log level
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-09-20 12:28:18 +00:00
shuting
65782d37f8
chore: add more chainsaw tests for generate.foreach ( #11140 )
...
* chore: rename tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* tests: add cpol-data-sync-update-policy
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* tests: add cpol-data-sync-update-target
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* tests: add cpol-clone-sync-update-source
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* tests: add cpol-clone-sync-update-target
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* tests: add cpol-clone-list-sync-update-source
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* tests: rename vars in cpol-clone-list-sync-update-source
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* tests: add cpol-clone-list-sync-update-target
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* tests: add test/conformance/chainsaw/generate/foreach/existing/cpol-data-sync-create
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* tests: add cpol-clone-list-sync-create
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2024-09-18 10:54:33 +00:00
Charles-Edouard Brétéché
5a0ce6bb67
chore: bump chainsaw ( #11161 )
...
* chore: bump chainsaw
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more template use
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* v0.2.10
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* go mod
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-09-17 09:28:33 +00:00
Vishal Choudhary
ea19244876
fix: expect base64 string in raw tuf root ( #11117 )
...
* fix: expect base64 string in raw tuf root
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: add tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: rename kyverno yaml file
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-09-12 12:34:52 +00:00
AdamKorcz
fbb77dcb97
fix broken oss-fuzz build ( #11101 )
...
Signed-off-by: Adam Korczynski <adam@adalogics.com>
2024-09-11 22:21:01 +00:00
Charles-Edouard Brétéché
4a836883d9
fix: chainsaw tests ( #11034 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-09-07 21:48:08 +00:00
Charles-Edouard Brétéché
fd3fa10956
fix: chainsaw tests ( #11033 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-09-07 18:17:37 +00:00
Vishal Choudhary
1ef9b876e1
fix: allow changes to preexisting resources that violate a validate foreach, cel or pss policy ( #10033 )
...
* feat: allow changes to preexisting resources that violate a validate foreach, cel or pss policy
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: do old object verification as create operation
this fixes the case where we are checking request.operation in a deny condition
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: update the json context in set operation
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: typo
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: update error message
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: add match and exclude check
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: match exclude in if
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add option to disable validation of old object
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: unit tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: chainsaw tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: update readme
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: conflicts
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: chainsaw tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: ci
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: nil ptr error
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: linter
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: linter
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: old obj verification in assert
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: codegen
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: chainsaw tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: chainsaw test for assert
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: cleanup
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: chainsaw tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: pss
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: common functions for allow existing violations
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: types
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: typos
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: pss old resource
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: chainsaw test for PSS
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: use old objects
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: more merge changes
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: e2e matrxix
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: refactor and dont return error when old obj validation fails
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: return resp when not matched
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: add logs and return skip when old object validation fails
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* Update validate_resource.go
Co-authored-by: shuting <shutting06@gmail.com>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* Update validate_pss.go
Co-authored-by: shuting <shutting06@gmail.com>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* Update validate_assert.go
Co-authored-by: shuting <shutting06@gmail.com>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: shuting <shutting06@gmail.com>
2024-09-06 06:42:56 +00:00
Anushka Mittal
37ab9ba824
fix: range through all resources to build webhook ( #10748 )
...
* fix: range through all resources to build webhook
Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>
* chore: add tests
Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>
* chore: correct conformance
Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>
* chore: correct conformance pod all subresources
Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>
* fix: append resource when operations and scope is same
Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>
* fix: correct tests
Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>
* fix: chainsaw tests
Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>
* fix: flaky test
Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>
* chore: remove debug lines
Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>
---------
Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>
Co-authored-by: anushkamittal20 <anumittal4641@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-09-05 11:42:40 +00:00
D N Siva Sathyaseelan
0ee73430de
feat:Add support for condition validation across multiple image verification attestations or context entry ( #9960 )
...
* added Validate in ImageVerification
Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
* added Validate in ImageVerification
Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
* validate block added
Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
* Name feild is added in Attestation struct
Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
* added imageInfo in policy context
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added response from FetchAttestations to contex entry
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added validate logic
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* condition for name collision in Attestation array is added
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added multiple image verification test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added multiple image verification test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* unit test added
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* ValidateVariable is applied in validate
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* change in regex, logic, conformance test, unit test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some change in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* context entries are added as variables
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical implementations
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Validate and multiple Image verification is working
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* moved validate to verify
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in imageverifier
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in imageverifier
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* unit test added
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* lint fixes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* lint fixes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* lint fixes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* lint fixes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added validate in verifyimage in v2 policies
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* validate is moved to verifyAttestation
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in unit tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* removed loadcontext
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* enhanced tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* enhanced tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Added getRawResp to fing report in statemants
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* aome changes in unit tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* aome changes in unit tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in ivm
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* changes in verify in imageverifer
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test for trivy and vex
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added Validate in ImageVerification
Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
* added Validate in ImageVerification
Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
* added imageInfo in policy context
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added response from FetchAttestations to contex entry
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added validate logic
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* condition for name collision in Attestation array is added
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added multiple image verification test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added multiple image verification test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* unit test added
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* ValidateVariable is applied in validate
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* change in regex, logic, conformance test, unit test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some change in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* context entries are added as variables
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some logical implementations
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Validate and multiple Image verification is working
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* moved validate to verify
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in conformance test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in imageverifier
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Some changes in imageverifier
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* unit test added
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* lint fixes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* lint fixes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* lint fixes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* lint fixes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added validate in verifyimage in v2 policies
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* validate is moved to verifyAttestation
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in unit tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* removed loadcontext
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* enhanced tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* enhanced tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* Added getRawResp to fing report in statemants
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* aome changes in unit tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* aome changes in unit tests
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* helm test fix
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* some changes in ivm
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* changes in verify in imageverifer
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* test
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* codegen applied
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* codegen resolved
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
---------
Signed-off-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
Signed-off-by: D N Siva Sathyaseelan <95441117+sivasathyaseeelan@users.noreply.github.com>
Co-authored-by: sivasathyaseeelan <dnsiva.sathyseelan.chy21@iitbhu.ac.in>
2024-09-05 10:33:37 +00:00
Vishal Choudhary
86b8a6d0f3
feat: show violations and mutations as warning ( #10214 )
...
* feat: add audit warning to policy spec
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: emit warning when audit warning is set
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add audit warn to policy cache
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add warnings for validation
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add warnings for mutation
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add chainsaw test
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: add more chainsaw test
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* chore: fix ci
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: rename field to emit warning
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: unit tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: validate tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: cleanup
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: remove validation action failure fro mutation unit tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-09-05 10:02:00 +00:00
D N Siva Sathyaseelan
cc966bf7af
feat:support default value into apiCall context variables ( #10594 )
...
* initial changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* test changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* logical changes
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* added Check for default in transformAndStore
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* codegen applied
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* considered an edge case
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
* fix: remove error when jsondata and default is nil
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* codegen done
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
---------
Signed-off-by: sivasathyaseeelan <dnsiva.sathyaseelan.chy21@iitbhu.ac.in>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2024-09-05 13:57:44 +08:00
Charles-Edouard Brétéché
31dcff1b1c
feat: add global context entry openapi validation ( #10998 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-09-04 19:43:12 +00:00
Charles-Edouard Brétéché
8a0795fa8f
feat: make deprecated ready status a pointer and set it to null ( #10999 )
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-09-04 19:08:34 +00:00
