kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00

Author	SHA1	Message	Date
Yashvardhan Kukreja	69c3418ca9	added: a pre-flight validation check for ensuring that only 'any'/'all' fields are present under conditions (#1791 ) Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>	2021-04-16 17:23:01 -07:00
Max Goncharenko	6a0305674a	JMESPath custom functions (#1772 ) * JMESPath: Support regex expressions Signed-off-by: Max Goncharenko <kacejot@fex.net> * JMESPath: Add string functions Signed-off-by: Max Goncharenko <kacejot@fex.net> * Removed {{$}} variable handling logic Signed-off-by: Max Goncharenko <kacejot@fex.net> * Name all functions in snake case; Update error message; Fix {{@}} behavior Signed-off-by: Max Goncharenko <kacejot@fex.net>	2021-04-16 16:17:00 -07:00
shuting	f93f3344d2	fix result removal for DELETION requests (#1811 ) Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-16 13:51:35 -07:00
shuting	f515bc5dbf	skip rule application if referred path not exist (#1806 ) Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-15 17:33:34 -07:00
shuting	081244a102	Fix array variables substitution (#1800 ) * fix array variables substitution Signed-off-by: Shuting Zhao <shutting06@gmail.com> * Add ability to marshal complex vars to string Signed-off-by: Max Goncharenko <kacejot@fex.net> * Added tests for variable substitution Signed-off-by: Max Goncharenko <kacejot@fex.net> Co-authored-by: Max Goncharenko <kacejot@fex.net>	2021-04-14 13:09:00 -07:00
Frank Jogeleit	0e3e42ea33	Fix Typo in builder method names (#1798 ) Signed-off-by: Frank Jogeleit <fj@move-elevator.de>	2021-04-13 16:41:07 -07:00
Max Goncharenko	8050c4e77b	moved variable substitution to higher level to avoid unhandled cases (#1785 ) Signed-off-by: Max Goncharenko <kacejot@fex.net>	2021-04-13 11:44:43 -07:00
shuting	9dab21619f	Match endpoint to the exact Kyverno Pod's IP (#1787 ) * update log message Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update printer column - validation failure action Signed-off-by: Shuting Zhao <shutting06@gmail.com> * match endpoint ip with the exact pod ip Signed-off-by: Shuting Zhao <shutting06@gmail.com> * - add tag "app.kubernetes.io/name"; - reduce throttling requests when deletes webhook configs Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add [SelfSubjectAccessReview,,] to resource filters Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-12 20:29:51 -07:00
shuting	f3ca1d78f1	Fix log message (#1779 ) * update log message Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update printer column - validation failure action Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-08 12:10:30 -07:00
Vyankatesh Kudtarkar	e2cd04c91f	Fix #1446 :Failed to mutate policy (#1767 ) * Fix failed to mutate policy Signed-off-by: vyankatesh <vyankatesh@neualto.com> * fix autogen rule issue Signed-off-by: vyankatesh <vyankatesh@neualto.com> * fix issue Signed-off-by: vyankatesh <vyankatesh@neualto.com> * fix issue Signed-off-by: vyankatesh <vyankatesh@neualto.com> * addPolicy and AddNsPolicy changes * fix code indentation * change kind -> policy Signed-off-by: vyankatesh <vyankatesh@neualto.com> * fix kind for policy * fix comments Co-authored-by: vyankatesh <vyankatesh@neualto.com>	2021-04-07 16:34:45 -07:00
Frank Jogeleit	072d9f7951	Add Support for policies.kyverno.io/severity annotation (#1763 ) Signed-off-by: Frank Jogeleit <fj@move-elevator.de>	2021-04-07 14:56:27 -07:00
Max Goncharenko	01004e1db0	Fix #1754 Invalid variable validation (#1770 ) Signed-off-by: Max Goncharenko <kacejot@fex.net>	2021-04-06 10:56:06 -07:00
Shuting Zhao	741f230272	add unit tests Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-05 14:41:30 -07:00
Shuting Zhao	4b8b8cbfa6	remove namespace field on kind Namespace Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-05 13:05:47 -07:00
Jim Bugwadia	3cffc3654a	Merge pull request #1762 from realshuting/1757_default_image_info Set default image registry and tag if not present	2021-04-01 13:40:13 -07:00
Jim Bugwadia	fb368ba24b	Merge pull request #1755 from realshuting/1749_fix_concurrent_read_write Fix concurrent read/write when loading configmap data	2021-04-01 13:39:27 -07:00
Shuting Zhao	1cf8efd472	set default image registry and tag if not present Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-01 09:50:34 -07:00
shuting	72fd921cb6	fix exclude logic (#1756 ) Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-31 22:02:36 -07:00
Shuting Zhao	cab81eadda	operate on the copy of configmap data Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-31 15:22:25 -07:00
Shuting Zhao	b0cee60100	change the order for variable validation: add allowed vars first Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-31 14:29:46 -07:00
Shuting Zhao	4d01f76797	- fix variable validation; - update log level Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-31 13:24:36 -07:00
treydock	91713ee566	Check webhooks are present during liveness (#1748 ) Fixes #1747 Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>	2021-03-31 12:44:56 -07:00
treydock	0131f375f1	Register webhooks only once service endpoint is ready (#1741 ) * Register webhooks only once service endpoint is ready Fixes #1740 Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Wait for webhook to become ready in main loop Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Better error handling and logging around checking endpoint Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> * Log soft failure as info, remove redundant return Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>	2021-03-30 13:46:01 -07:00
Pooja Singh	ca5a4e1986	added multiple item logic for clone in generate policy (#1744 ) Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-03-29 22:36:16 -07:00
Pooja Singh	118b979ef1	skipping schema check for unknown kinds (#1736 ) Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-03-29 12:13:26 -07:00
Jim Bugwadia	e7a8eb93ee	Merge pull request #1714 from kacejot/vars-substitution Bug Fix: #1506 issue; Resolve path reference in entire rule	2021-03-26 14:53:30 -07:00
Vyankatesh Kudtarkar	057ec4e690	Fix : 1657 (Update variable paths when auto generate the controller rules) and 1615 ( kyverno apply pipe through to kubectl) (#1735 ) * Fix 1657and 1615 Signed-off-by: vyankatesh <vyankatesh@neualto.com> * fix build issue Signed-off-by: vyankatesh <vyankatesh@neualto.com> * remove logs Signed-off-by: vyankatesh <vyankatesh@neualto.com> Co-authored-by: vyankatesh <vyankatesh@neualto.com>	2021-03-26 11:03:45 -07:00
Jim Bugwadia	f29f6b0369	add comment Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-03-26 10:47:59 -07:00
Jim Bugwadia	908950c47a	address comments Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-03-25 21:27:16 -07:00
Jim Bugwadia	72cdbafbae	fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-03-25 18:11:32 -07:00
Jim Bugwadia	8d03f8c59e	merge main Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-03-25 18:00:02 -07:00
Pooja Singh	a0ddd2c184	Added validate logic for generate to handle multiple items in array (#1727 ) * added validate logic for generate Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * format fix Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * gofmt fix Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added test cases Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-03-25 17:04:43 -07:00
Jim Bugwadia	6dff9e0ab9	merge and resolve conflicts Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-03-25 16:43:12 -07:00
shuting	fd9acf21a7	Auto-recover policy report (#1730 ) * auto-recover policy report Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add flag background-scan to tune this interval Signed-off-by: Shuting Zhao <shutting06@gmail.com> * cleanup webhook configurations when Kyverno deployment is deleted Signed-off-by: Shuting Zhao <shutting06@gmail.com> * reconcile policy reports if Kyverno Configmap changes Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-25 12:28:03 -07:00
Jim Bugwadia	4d70013e22	Merge pull request #1724 from MarcelMue/fix-apipath-validation Make validateAPICall work with special characters in variables	2021-03-24 22:28:09 -07:00
shuting	c08843ef77	Add Images info to variables context (#1725 ) * - remove supportMutateValidate; - refactor new context in the webhook Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add ImageInfo to variables context Signed-off-by: Shuting Zhao <shutting06@gmail.com> * revert unexpected changes Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-23 10:34:03 -07:00
Marcel Mueller	c10a994045	Rename variable to kyvernoapicallvariable Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>	2021-03-23 18:24:17 +01:00
Jim Bugwadia	f9be2651ad	Merge pull request #1729 from realshuting/1670_generate_concurrently make the number of generate workers configurable	2021-03-23 08:26:19 -07:00
Shuting Zhao	c3360b7389	make the number of generate workers configurable Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-22 19:14:06 -07:00
Shuting Zhao	d650d2b609	fixes variable substitution in context.apiCall.jmesPath Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-22 12:15:29 -07:00
Pooja Singh	bcc19971eb	skip GRs for spec being same in old and updated policy (#1723 ) Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-03-19 15:33:52 -07:00
Pooja Singh	4128410207	Enhancement/existence anchor - should loop all the items in the array (#1719 ) * updated validating policy code Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * changed existance logic to loop all the items in array Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * updated comments and error messages Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-03-19 15:18:26 -07:00
Max Goncharenko	3373a79f26	Bug Fix: #1585 issue; validate on DELETE the oldResource (#1710 ) * fix #1585 issue; validate on DELETE the oldResource Signed-off-by: Max Goncharenko <kacejot@fex.net> * apply PR edits for #1585 issue fix; add test with nested var Signed-off-by: Max Goncharenko <kacejot@fex.net>	2021-03-19 14:43:26 -07:00
Marcel Mueller	4f96232e62	Make validateAPICall work with special characters in variables Signed-off-by: Marcel Mueller <marcel.mueller1@rwth-aachen.de>	2021-03-19 20:29:55 +01:00
Shuting Zhao	7502e5da98	fix variable substitution in NumericOperatorHandler Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-18 13:40:14 -07:00
shuting	9a99cc3a33	fix Namespace scope (#1718 ) Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-17 10:28:44 -07:00
Vyankatesh Kudtarkar	04dc3ddfe3	Remove sample Dir and Remove testcases from test_runner (#1686 ) * remove sample Dir and remove testcases form test_runner Signed-off-by: vyankatesh <vyankatesh@neualto.com> * change git URL for test Signed-off-by: vyankatesh <vyankatesh@neualto.com> * fix fmt issue Signed-off-by: vyankatesh <vyankatesh@neualto.com> * remove unused policy and test yamls Signed-off-by: vyankatesh <vyankatesh@neualto.com> * fix yaml path issue Signed-off-by: vyankatesh <vyankatesh@neualto.com> Co-authored-by: vyankatesh <vyankatesh@neualto.com>	2021-03-16 14:35:32 -07:00
Jim Bugwadia	ee54b8bff3	Merge pull request #1716 from jsnider-mtu/change-isNotIn Change isNotIn	2021-03-16 13:43:24 -07:00
Pooja Singh	861cec36c0	fixed issue (#1707 ) Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-03-16 12:57:31 -07:00
Joshua Snider	6699bfab8c	Fix tests Signed-off-by: Joshua Snider <jsnider@mtu.edu>	2021-03-16 15:00:42 -04:00

1 2 3 4 5 ...

1882 commits