kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00

Author	SHA1	Message	Date
shuting	de41b176f6	Tag 1.7.0-rc3 (#4036 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-05-30 09:01:16 +00:00
shuting	1f4575678c	Fix labels with invalid charrs (#4034 ) (#4035 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-05-30 05:46:03 +00:00
shuting	845a83d3e2	Cherry-pick #4022 (#4033 ) * Cherry-pick #4022 Signed-off-by: ShutingZhao <shuting@nirmata.com> * Remove unused file	2022-05-30 09:26:03 +05:30
Vyankatesh Kudtarkar	1ac444451e	fix vulnerable (#4027 ) (#4028 )	2022-05-26 05:43:08 +00:00
Vyankatesh Kudtarkar	515d59ebcb	Request operation value by default to CREATE (#3894 ) (#4026 ) * set by default request.operation to CREATE Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com> * Added test cases Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> Co-authored-by: vivek kumar sahu <vivekkumarsahu650@gmail.com>	2022-05-26 04:36:36 +00:00
shuting	6e57e6a44b	Release v1.7.0-rc2 (#4021 ) * Tag 1.7.0-rc2 Signed-off-by: ShutingZhao <shuting@nirmata.com> * Update Helm doc Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-05-25 08:56:34 +00:00
Charles-Edouard Brétéché	f2c8096d5f	Cherry pick #4007 #4008 (#4020 ) * fix: remove update ur status in generator (#4008) * fix: stop mutating cached resource in ur controller (#4003) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> (cherry picked from commit `dac733755b`) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: remove update ur status in generator Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> (cherry picked from commit `2e91d233c0`) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * cherry pick #4007 Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-25 08:15:59 +00:00
Charles-Edouard Brétéché	56d32e93e7	fix: stop mutation policies when autogen internals is enabled (#4004,#4009,#3996) (#4016 ) * fix: stop mutation policies when autogen internals is enabled (#4004) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> (cherry picked from commit `c9f8a68d8a`) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: use background helper in ur generator (#4009) * fix: stop mutating cached resource in ur controller (#4003) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> (cherry picked from commit `dac733755b`) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: use background helper in ur generator Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> (cherry picked from commit `3a3556919f`) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: move label helper utils from policy package to background package (#3996) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> (cherry picked from commit `1712dfa947`) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-25 12:14:40 +08:00
Jim Bugwadia	eaa629714e	cherry-pick fix attestation checks https://github.com/kyverno/kyverno/pull/3999 (#4015 ) Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2022-05-24 16:25:26 +00:00
Charles-Edouard Brétéché	d55f2c34a2	refactor: add policy event listener in ur controller (#4012 ) (#4014 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> (cherry picked from commit `cd1fa030ee`) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-24 16:01:11 +00:00
shuting	93c69780bb	Support `@` for mutate targets (#3998 ) (#4010 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-05-24 13:05:50 +00:00
Prateek Pandey	07e1afaa61	fix: stop mutating cached resource in ur controller (#4003 ) (#4006 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-24 16:09:51 +05:30
Charles-Edouard Brétéché	78e7c5dc18	fix: move ur controller filtering in reconciler (#3964 ) (#3994 ) * refactor: use BackgroundProcessingEnabled method Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: webhooks metrics reporting Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: metrics package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: move ur controller filtering in reconciler (#3964) * fix: move ur controller filtering in reconciler Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: mark ur retry on conflict Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: test data Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: add filter back in update ur handler Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: added some logs about attempts and increased backoff Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: reconciliation logic Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: Test_Generate_Synchronize_Flag Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: small nits Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> (cherry picked from commit `1936d86623`) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: conflicts Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-23 23:53:49 +08:00
Prateek Pandey	8dbadbc96b	fix: release ur when handler pod is gone (#3993 ) Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>	2022-05-23 14:23:10 +00:00
Prateek Pandey	97b874897b	fix: mark ur retry on conflict (#3961 ) (#3963 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-18 07:20:07 +00:00
shuting	c98d80627c	fix: replica count in helm chart (#3954 ) (#3962 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-18 04:16:13 +00:00
Prateek Pandey	3f47ab6a5d	Cherry pick #3953 #3955 (#3960 ) * Cleanup URs on trigger deletion (#3955) * Clean URs on trigger deletion Signed-off-by: ShutingZhao <shuting@nirmata.com> * Make kyverno api import aliases consistent Signed-off-by: ShutingZhao <shuting@nirmata.com> * Fix gofumpt error Signed-off-by: ShutingZhao <shuting@nirmata.com> * Remove unused code Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> * fix panic issue for ur (#3953) * fix the import Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-05-18 11:45:29 +08:00
Prateek Pandey	7d66968d7f	fix: handle UR delete once trigger namespace deleted (#3934 ) (#3938 ) Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>	2022-05-17 15:41:42 +08:00
Prateek Pandey	000c90d424	fix: use patch to update handler status in UR (#3927 ) Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>	2022-05-17 12:59:11 +08:00
shuting	e779cb866a	Cleanup the UR for mutate policies once it's completed (#3923 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-05-16 04:45:44 +00:00
shuting	4972f20259	Remove permissions in helm-release workflow (#3901 ) (#3903 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-05-12 08:34:38 +00:00
shuting	e84b508ffb	Release v1.7.0-rc1 (#3896 ) Tag v1.7.0-rc1 Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-05-12 05:23:14 +00:00
Jim Bugwadia	f05d86d375	cherry-pick #3893 (#3895 )	2022-05-12 04:16:15 +00:00
Vyankatesh Kudtarkar	a0eadad77b	Fix subject match selector issue in cli (#3887 ) (#3892 ) Signed-off-by: Vyankatesh vyankateshkd@gmail.com	2022-05-11 16:36:42 +00:00
Prateek Pandey	44be131ed0	skip var checks in attestations (#3876 ) (#3885 ) Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2022-05-11 09:57:00 +00:00
Prateek Pandey	ac75ea1717	fix: undo length validation check for generate rule resource name (#3865 ) (#3872 ) Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-11 05:44:50 +00:00
shuting	0e6bf44b0f	Handle errors properly for mutate and generate on existing resources (#3863 ) (#3866 ) Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>	2022-05-10 23:08:50 +05:30
Prateek Pandey	eb25d6dc6f	refactor: remove unused functions (#3844 ) Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>	2022-05-10 18:13:25 +08:00
Vyankatesh Kudtarkar	737d3bdd36	handle subresources (#3841 ) (#3848 ) * handle subresources Signed-off-by: Jim Bugwadia <jim@nirmata.com> * make fmt Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix logger name Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix webhook and logs Signed-off-by: Jim Bugwadia <jim@nirmata.com> * make fmt Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-10 12:34:17 +08:00
Prateek Pandey	8b6d3d1f6a	feat: trigger generate on existing matched resource (#3819 ) * feat: trigger generate on existing matched resource Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * refactor the triggers and fix review comments Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * add trigger for other matching kinds Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * implement match exclude using dynamic client Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * refactor generate trigger Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * increase sleep timeout Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * optimize unstructured list Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * fix review comments Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * log refactor and clean debug comments Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>	2022-05-09 07:13:11 +00:00
Charles-Edouard Brétéché	bbe65959bc	refactor: webhook config package (part 2) (#3833 ) * refactor: webhookconfig package (part 1) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: webhook config package (part 2) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-08 14:14:31 +02:00
Charles-Edouard Brétéché	af56adb0a6	refactor: webhookconfig package (part 1) (#3831 ) * refactor: webhookconfig package (part 1) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: sonatype issue Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-08 12:47:49 +01:00
Jim Bugwadia	69ac94b0ee	fix check and add logs (#3838 ) Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2022-05-08 07:45:02 +00:00
Sambhav Kothari	2dc54e5c1b	Allow variables of any kind to be defined (#3828 ) Signed-off-by: Sambhav Kothari <skothari44@bloomberg.net>	2022-05-07 20:30:11 +00:00
Charles-Edouard Brétéché	306b22a5db	fix: policy deletion in webhookconfig (#3832 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-05-07 21:09:19 +01:00
Afzal Ansari	3845225db1	refactor: imported pkg redeclared and a few other unused func (#3827 ) * Removes paths redeclared Signed-off-by: afzal442 <afzal442@gmail.com> * fixes v1 redeclared Signed-off-by: afzal442 <afzal442@gmail.com> * fixes mergeSucceededResults func never used Signed-off-by: afzal442 <afzal442@gmail.com> * fixes func unused Signed-off-by: afzal442 <afzal442@gmail.com> * refactors unused func Signed-off-by: afzal442 <afzal442@gmail.com> * refactors unused func Signed-off-by: afzal442 <afzal442@gmail.com> * refactors getNamespacesForRule unused Signed-off-by: afzal442 <afzal442@gmail.com> * refactors policyNamespace unused Signed-off-by: afzal442 <afzal442@gmail.com> * refactors replacing loop with ... Signed-off-by: afzal442 <afzal442@gmail.com> * refactors func buildPolicyLabel unused Signed-off-by: afzal442 <afzal442@gmail.com> * removes unused func Signed-off-by: afzal442 <afzal442@gmail.com> * removes unused comment Signed-off-by: afzal442 <afzal442@gmail.com> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-05-07 16:44:57 +00:00
Afzal Ansari	5262ed9225	refactor: shell to prevent globbing and word splitting (#3829 ) * refactors scripts/create-e2e-infrastruture sh Signed-off-by: afzal442 <afzal442@gmail.com> * refactors scripts/deploy-controller.sh Signed-off-by: afzal442 <afzal442@gmail.com> * refactors scripts/generate-server-cert.sh Signed-off-by: afzal442 <afzal442@gmail.com> * minor changes Signed-off-by: afzal442 <afzal442@gmail.com> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-05-07 16:46:50 +01:00
Moritz Johner	4d2ec26c90	CLI should respect scored annotation for warnings (#3821 ) Co-authored-by: Sambhav Kothari <skothari44@bloomberg.net>	2022-05-07 13:33:50 +00:00
Sambhav Kothari	c3604c1170	Add an object_from_lists function (#3824 )	2022-05-07 12:05:04 +00:00
Sambhav Kothari	876a216b5f	Improve logging and error handling in json context (#3825 )	2022-05-07 11:32:48 +00:00
Sambhav Kothari	e55bf0bf6f	Relax JMESPath variable validation (#3826 )	2022-05-07 16:40:53 +05:30
shuting	b4f2b63f53	Load `mutate.targets` via dclient (#3797 ) * Load mutate.targets via dclient Signed-off-by: ShutingZhao <shuting@nirmata.com> * Do not fail on namespace cleanup for e2e generate Signed-off-by: ShutingZhao <shuting@nirmata.com> * Fix wildcard name listing for a certain namespace Signed-off-by: ShutingZhao <shuting@nirmata.com> * Rename onPolicyUpdate to mutateExistingOnPolicyUpdate Signed-off-by: ShutingZhao <shuting@nirmata.com> * Enable "mutateExistingOnPolicyUpdate" on policy events Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>	2022-05-06 05:46:36 +00:00
Jim Bugwadia	db3502656d	Cert attestor (#3809 ) * add certificates attestor Signed-off-by: Jim Bugwadia <jim@nirmata.com> * handle duplicate images; use container name as key Signed-off-by: Jim Bugwadia <jim@nirmata.com> * use OldObject for modify requests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * use unique image names Signed-off-by: Jim Bugwadia <jim@nirmata.com> * merge main Signed-off-by: Jim Bugwadia <jim@nirmata.com> * create a single annotation patch across rules and images Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fmt and change annotation key name Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * split certs from keys Signed-off-by: Jim Bugwadia <jim@nirmata.com> * make fmt Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add Rekor and fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>	2022-05-05 21:57:20 -07:00
Jim Bugwadia	76608e315e	handle duplicate images; use container name as key (#3779 ) * handle duplicate images; use container name as key Signed-off-by: Jim Bugwadia <jim@nirmata.com> * use OldObject for modify requests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * use unique image names Signed-off-by: Jim Bugwadia <jim@nirmata.com> * merge main Signed-off-by: Jim Bugwadia <jim@nirmata.com> * create a single annotation patch across rules and images Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fmt and change annotation key name Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-05-05 14:06:18 -07:00
Charles-Edouard Brétéché	5d2e2faf72	fix: autogen rules in status (#3728 ) * refactor: autogen package logger Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: add rules to status only when necessary Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2022-05-05 15:11:26 +00:00
Prateek Pandey	2af9046e13	refact: disable leader for update request controller (#3807 ) Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>	2022-05-05 14:19:19 +00:00
Charles-Edouard Brétéché	d480f9f8f4	chore: remove broken .ca from helm chart (#3811 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-05 13:53:04 +00:00
Charles-Edouard Brétéché	25c2bf0e1f	fix: remove k8s apiserver from self-generated cert (#3803 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-05-05 13:26:55 +00:00
Vyankatesh Kudtarkar	13d8a96f92	Policy Validation check for onPolicyUpdate flag (#3814 ) * policy validation check for OnPolicyUpdate flag * add validation check for onupdatepolicy flag	2022-05-05 21:04:49 +08:00
shuting	8a9a98d8b5	Add `handler` to `UR.status` (#3791 ) * - Add "handler" to "ur.status" - Mark / Unmark handler upon UR reconciliation Signed-off-by: ShutingZhao <shuting@nirmata.com> * Add field onPolicyUpdate Signed-off-by: ShutingZhao <shuting@nirmata.com> * Update API docs Signed-off-by: ShutingZhao <shuting@nirmata.com> * Add delay in generate e2e tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * Remove duplicate logic for cleaning up the cloned resource Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-05-05 16:26:27 +05:30

1 2 3 4 5 ...

4296 commits