mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-10 18:06:55 +00:00
Code Activity
2536 commits 18 branches 550 tags 293 MiB
Commit graph

1373 commits

Author SHA1 Message Date
Jim Bugwadia
fd1a26db29 update DisallowBindMounts 2019-11-09 16:33:19 -08:00
Jim Bugwadia
fae8ac0325 update RequireReadOnlyRootFS 2019-11-09 16:18:33 -08:00
Jim Bugwadia
121b81a83b update disallow new capabilities 2019-11-09 16:07:16 -08:00
Shivkumar Dudhani
1613434c46
458 cleanup (#464) 
* cleanup of policy violation on policy spec changes + refactoring

* remove unused code

* remove duplicate types

* cleanup references

* fix info log and clean code

* code clean

* remove dead code
 2019-11-08 20:45:26 -08:00
Jim Bugwadia
cba79c69a2 update disallow_priviledged 2019-11-08 20:04:42 -08:00
Jim Bugwadia
5ce8fd7a9a update disallow_root_user 2019-11-08 19:25:43 -08:00
Jim Bugwadia
6baa678e27 rename add_safe_to_evict 2019-11-08 19:02:49 -08:00
Shuting Zhao
981b378c86 match rbac info when process a rule 2019-11-08 18:58:09 -08:00
Shuting Zhao
6048d59949 change engine interface to take policyContext struct 2019-11-08 18:57:27 -08:00
Shuting Zhao
0e9a952d64 get rbac info for an admission request 2019-11-08 18:56:24 -08:00
Shuting Zhao
3f59b4cf10 change client.ListResource to take listOptions 2019-11-08 18:54:43 -08:00
Shuting Zhao
a7e55ed25e update types for match/exclude 2019-11-08 18:53:29 -08:00
Shivkumar Dudhani
687c0c6470
Merge pull request #418 from nirmata/391_feature 
Check if mutating webhook admission control is enabled
 2019-11-08 12:55:28 -08:00
Shuting Zhao
ec331b8d17 remove resource info in the validation error 2019-11-07 12:30:58 -08:00
Shuting Zhao
a30b8a604d update format 2019-11-07 12:13:35 -08:00
Shuting Zhao
443619757e update tests/scenario 2019-11-07 12:13:35 -08:00
Shuting Zhao
15895d3852 - aggregate resource info per rule; - remove resource info in each success message; 2019-11-07 12:13:35 -08:00
Shuting Zhao
2dec70cc72 make expected message optional in scenario file 2019-11-07 12:13:34 -08:00
Shuting Zhao
98fa90bf1e update validation_test.go 2019-11-07 12:13:34 -08:00
Shuting Zhao
58054ef5b6 remove duplicate test 2019-11-07 12:13:34 -08:00
Shuting Zhao
de9ebd899b improve validation error message; update scenario files 2019-11-07 12:13:34 -08:00
Shuting Zhao
e3c9282e6a fix edit failure blocked by annotation change 
- as we change the patches key in annotation to "policies.kyverno.io/patches" in commit bdb3f40f15
 2019-11-07 12:13:34 -08:00
Shuting Zhao
caf7abfecc Get policy list once in handleAdmissionRequest 2019-11-07 12:13:16 -08:00
Shuting Zhao
38f1f3bbb9 Merge branch '414_mutate_safe-to-evict_emptydir' into 413_known_ingress 2019-11-06 17:58:09 -08:00
Shuting Zhao
8496a483dc - remove resource info per rule; - add resource info in each failed admission request 2019-11-06 17:14:32 -08:00
Shuting Zhao
4daa23f530 add missing file 2019-11-06 16:40:24 -08:00
Shuting Zhao
b32c6bf50b remove unused code 2019-11-06 16:16:50 -08:00
Shuting Zhao
d31ace604e fix test 2019-11-06 16:16:38 -08:00
Shuting Zhao
a7aec886b4 handle processOverlay with overlayError 2019-11-06 16:16:29 -08:00
Jim Bugwadia
1173e062c9 - add policy and test for known ingress 
- fix messages and remove unnecessary comments in testrunner/scenario.go
 2019-11-05 19:07:44 -08:00
Shuting Zhao
d0391ecab3 make the err "resource field is not present" a constant 2019-11-05 16:36:15 -08:00
Shuting Zhao
9f7b6eaaf6 skip applying mutate rule if condition key is not present in the resource, consider the rule as success 2019-11-05 16:27:06 -08:00
Jim Bugwadia
cab87f24ba add tect case 2019-11-05 15:32:45 -08:00
Shuting Zhao
664a85363a correct scenario test 2019-11-05 12:59:22 -08:00
Jim Bugwadia
5ded29f74e temp update for debugging 2019-11-05 12:28:44 -08:00
Shuting Zhao
662f649926 add comment to the code 2019-11-05 11:04:43 -08:00
Shuting Zhao
4195f45a42 add missing scenario test 2019-11-05 10:19:42 -08:00
Shuting Zhao
489e55d6c3 add best_practices scenario_mutate_safe-to-evict 2019-11-05 10:16:07 -08:00
Shuting Zhao
764d0fede2 Merge commit '35bed4bc6aef6622b89f0fc4dee9a175aa9768ff' into 158_array_validation 2019-11-05 09:50:32 -08:00
Shuting Zhao
3fbb9f8a35 Merge commit 'cfbd2120938b8a7f81f4a9c325fa3f6e816d2bf1' into 158_array_validation 2019-11-05 09:43:28 -08:00
Shuting Zhao
d9335a5f8c add warning message; remove existence anchor check in mutation 2019-11-04 19:23:48 -08:00
Shivkumar Dudhani
cfbd212093
Merge pull request #427 from nirmata/375_handle_json_numbers_resubmit 
375 handle json numbers resubmit
 2019-11-04 18:05:24 -08:00
Jim Bugwadia
35bed4bc6a add safe-to-evict annotation 2019-11-04 17:55:13 -08:00
Jim Bugwadia
41afefbe8e add disallow Helm tiller 2019-11-03 18:19:06 -08:00
Jim Bugwadia
3b1143c934
Merge pull request #436 from nirmata/411_no_docker_sock_mount 
411 no docker sock mount
 2019-11-01 15:38:40 -07:00
shivkumar dudhani
a191bd67f4 update message string 2019-11-01 15:21:23 -07:00
Jim Bugwadia
1323a9a81e add policy and test case 2019-11-01 15:19:26 -07:00
Jim Bugwadia
440c23f231 add test case (currently fails) 2019-11-01 11:40:23 -07:00
Shuting Zhao
86c00a8f30 return failure path for mutate condition check 2019-11-01 11:14:58 -07:00
Shuting Zhao
ef8bf695b1 mutate: support anchor on map/array 2019-10-31 20:38:24 -07:00