mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00
Code Activity
4254 commits 16 branches 550 tags 288 MiB
Commit graph

40 commits

Author SHA1 Message Date
Charles-Edouard Brétéché
6e07acdd87
refactor: replace clientset by inteface (#3774) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-05-02 20:30:07 +00:00
Jim Bugwadia
4f8eab76ce
cleanup event messages and sources (#3741) 
* cleanup events

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix sonatype issues

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2022-05-02 05:14:32 +00:00
Charles-Edouard Brétéché
68c35b2f2e
refactor: remove some api unnecessary pointers (2) (#3705) 
* refactor: remove some api unnecessary pointers

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* refactor: remove some api unnecessary pointers (2)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-04-28 17:11:14 +08:00
Charles-Edouard Brétéché
04d094f775
fix: reduce dependency to ns lister (#3509) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
 2022-03-31 12:48:36 +05:30
Charles-Edouard Brétéché
04740c52fa
refactor: use more policy interface (#3510) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-03-31 12:14:00 +05:30
shuting
ad56087b91
list resources once per policy in the background reconcilliation (#3026) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2022-01-19 16:42:01 +00:00
Frank Jogeleit
abb5bd2947
Add SelectorLabel to (Cluster)PolicyReporter resources (#2841) 
Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>

Co-authored-by: shuting <shutting06@gmail.com>
 2021-12-17 05:03:52 +00:00
Yulia Nedyalkova
40d30df726
Fix bug in event creation for failed policies (#2652) 
Signed-off-by: yulianedyalkova <julianedialkova@gmail.com>
 2021-11-03 11:55:58 +01:00
Jose Armesto
831a9826d1
Restructure project to follow standards (#2632) 
Signed-off-by: Jose Armesto <github@armesto.net>
 2021-10-29 18:13:20 +02:00
Jim Bugwadia
39061d91c4 implement validate.foreach 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-09-26 02:12:31 -07:00
Frank Jogeleit
c522343c03
Update PolicyReport CRDs to wgpolicyk8s.io/v1alpha2 (#1825) 2021-08-21 10:35:17 -07:00
shuting
104cd310e8
Cleanup Report Change Requests (#2134) 
* clean up RCRs if retry fails

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* cleanup report change request when background scan starts

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* add verb deletecollection to ClusterRole kyverno:customresources

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-07-14 09:57:16 -07:00
Valentin Velkov
63f4c9a884
Configurable success events on policies & resources. Generating failure events on policies by default. (#1939) 
* Remove unused event.Reason const

Signed-off-by: Velkov <valentin.velkov@sap.com>

* Generate failure events on policies

Signed-off-by: Velkov <valentin.velkov@sap.com>

* Generate success events on policy

Signed-off-by: Velkov <valentin.velkov@sap.com>

* Introduce 'generateSuccessEvents' flag

Signed-off-by: Velkov <valentin.velkov@sap.com>

* Unit tests & chart fix

Signed-off-by: Velkov <valentin.velkov@sap.com>
 2021-06-29 14:43:11 -07:00
shuting
fd9acf21a7
Auto-recover policy report (#1730) 
* auto-recover policy report

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* add flag background-scan to tune this interval

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* cleanup webhook configurations when Kyverno deployment is deleted

Signed-off-by: Shuting Zhao <shutting06@gmail.com>

* reconcile policy reports if Kyverno Configmap changes

Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-03-25 12:28:03 -07:00
Jim Bugwadia
e2f10c6f83 update validation logic 2020-12-23 15:10:07 -08:00
shuting
3c5f9f8888
1398 - Reduce RCR throttling requests (#1406) 
* reduce RCR throttling requests by merging policy application (policy - namespace) results into single RCR

* - refactor policy controller; - fix RCR issue

* - refactor RCR controller; - fix cpolr on ns update; - reduce throttling when getting resources; - fix tests

* update CRD schema

* fix typo
 2020-12-21 11:04:19 -08:00
shuting
5e07ecc5f3
Add Policy Report (#1229) 
* add report in cli

* policy report crd added

* policy report added

* configmap added

* added jobs

* added jobs

* bug fixed

* added logic for cli

* common function added

* sub command added for policy report

* subcommand added for report

* common package changed

* configmap added

* added logic for kyverno cli

* added logic for jobs

* added logic for jobs

* added logic for jobs

* added logic for cli

* buf fix

* cli changes

* count bug fix

* docs added for command

* go fmt

* refactor codebase

* remove policy controller for policyreport

* policy report removed

* bug fixes

* bug fixes

* added job trigger if needed

* job deletation logic added

* build failed fix

* fixed e2e test

* remove hard coded variables

* packages adde

* improvment added in jobs sheduler

* policy report yaml added

* cronjob added

* small fixes

* remove background sync

* documentation added for report command

* remove extra log

* small improvement

* tested policy report

* revert hardcoded changes

* changes for demo

* demo changes

* resource aggrigation added

* More changes

* More changes

* - resolve PR comments; - refactor jobs controller

* set rbac for jobs

* add clean up in job controller

* add short names

* remove application scope for policyreport

* move job controller to policyreport

* add report logic in command apply

* - update policy report types;  - upgrade k8s library; - update code gen

* temporarily comment out code to pass CI build

* generate / update policyreport to cluster

* add unit test for CLI report

* add test for apply - generate policy report

* fix unit test

* - remove job controller; - remove in-memory configmap; - clean up kustomize manifest

* remove dependency

* add reportRequest / clusterReportRequest

* clean up policy report

* generate report request

* update crd clusterReportRequest

* - update json tag of report summary; - update definition manifests; -  fix dclient creation

* aggregate reportRequest into policy report

* fix unit tests

* - update report summary to optional; - generate clusterPolicyReport; - remove reportRequests after merged to report

* remove

* generate reportRequest in kyverno namespace

* update resource filter in helm chart

* - rename reportRequest to reportChangeRequest; -rename clusterReportRequest to clusterReportChangeRequest

* generate policy report in background scan

* skip generating report change request if there's entry results

* fix results entry removal when policy / rule gets deleted

* rename apiversion from policy.kubernetes.io to policy.k8s.io

* update summary.* to lower case

* move reportChangeRequest to kyverno.io/v1alpha1

* remove policy report flag

* fix report update

* clean up policy violation CRD

* remove violation CRD from manifest

* clean up policy violation code - remove pvGenerator

* change severity fields to lower case

* update import library

* set report category

Co-authored-by: Yuvraj <yuvraj.yad001@gmail.com>
Co-authored-by: Yuvraj <10830562+evalsocket@users.noreply.github.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
 2020-11-09 11:26:12 -08:00
Shuting Zhao
cdc5190c56 update nirmata/kyverno to kyverno/kyverno 2020-10-07 11:12:31 -07:00
shuting
75a7543c6d
Events fix (#1006) 
* remove success event

* remove event success message

* remove events generated on clusterpolicy
 2020-07-20 20:30:02 +05:30
Jim Bugwadia
65193feccb
update logging, naming, and event retry (#959) 
* update logging and naming

* check per policy patch count
 2020-06-30 11:53:27 -07:00
shivkumar dudhani
e6e5bbb603 Merge branch 'master' into access_check 2020-03-17 17:23:18 -07:00
shivkumar dudhani
d327309d72 refactor logging 2020-03-17 16:25:34 -07:00
shivkumar dudhani
1b1ab78f77 logs & access 2020-03-17 11:05:20 -07:00
shravan
157694b4fd 527 skippings stats for sync pv 2020-02-26 00:26:09 +05:30
Shuting Zhao
ecbbd04bc5 - remove policy violation created on owner and related logic; - use generic call to create violation info 2020-01-06 17:07:11 -08:00
Shivkumar Dudhani
5b8ab3842b
Support variable substitution (#549) 
* initial commit

* variable substitution

* update tests

* update test

* refactor engine packages for validate & generate

* update vendor

* update toml

* support variable substitution in overlay mutation

* missing update

* fix indentation in logs

* store context values as single JSON document using merge patches.

* remove duplicate functions

* fix message string

* Handle processing of policies in background (#569)

* remove condition check while generating mutation patch as conditions are verified in the first iteration

* initial commit

* background policy validation

* correct message

* skip non-background policy process for add/update

* fix order to correct policy registration

* update comment

Co-authored-by: shuting <shutting06@gmail.com>

* refactor

Co-authored-by: shuting <shutting06@gmail.com>
 2019-12-30 17:08:50 -08:00
Shivkumar Dudhani
085856baa1
add event source and format event messages (#565) 2019-12-26 11:50:41 -08:00
Shivkumar Dudhani
a81d5c9ae7
update event message (#515) 2019-11-18 17:13:48 -08:00
Shuting Zhao
b67577994a update apiversion to v1 in code 2019-11-13 13:41:08 -08:00
Shuting Zhao
b811bb269e rename policyviolation related package/function to clusterpolicyviolation 2019-11-12 19:12:36 -08:00
shivkumar dudhani
d8bf7fa284 clean up fixes 2019-11-12 16:49:05 -08:00
shivkumar dudhani
f271af95cc use store to hold values and queue for keys 2019-11-12 16:01:09 -08:00
shivkumar dudhani
ccbb6e33a5 introduce policy violation generator 2019-11-12 14:41:29 -08:00
Shivkumar Dudhani
1613434c46
458 cleanup (#464) 
* cleanup of policy violation on policy spec changes + refactoring

* remove unused code

* remove duplicate types

* cleanup references

* fix info log and clean code

* code clean

* remove dead code
 2019-11-08 20:45:26 -08:00
shivkumar dudhani
70ff2fa177 update engineResponse Name 2019-10-08 10:57:24 -07:00
shivkumar dudhani
5dab189743 fix event resource name + add filtered kinds to policy controller & namespace + fix messages 2019-09-12 15:04:35 -07:00
shivkumar dudhani
5b80da32ba replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00
shivkumar dudhani
aed0ed0dc1 clean up 2019-08-14 10:01:47 -07:00
shivkumar dudhani
d8c6dc3bc6 construct policy Info 2019-08-13 17:24:05 -07:00
shivkumar dudhani
c04a935300 existing resource reporting 2019-08-13 13:15:04 -07:00