mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-15 17:51:20 +00:00
Code Activity
4821 commits 15 branches 540 tags 276 MiB
Commit graph

21 commits

Author SHA1 Message Date
Charles-Edouard Brétéché
e4bf66e756
feat: remove policy mutation for auto-gen rules (#5123) 
* feat: remove policy mutation code

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* Fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* changelog

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2022-10-25 23:43:46 +00:00
Charles-Edouard Brétéché
0d50b70134
feat: add flag to configure the number of background scan workers (#5088) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
 2022-10-20 23:02:38 +02:00
Charles-Edouard Brétéché
e0ab72bb9a
feat: reports v2 implementation (#4608) 
This PR refactors the reports generation code.
It removes RCR and CRCR crds and replaces them with AdmissionReport, ClusterAdmissionReport, BackgroundScanReport and ClusterBackgroundScanReport crds.

The new reports system is based on 4 controllers:

Admission reports controller is responsible for cleaning up admission reports and attaching admission reports to their corresponding resource in case of a creation
Background scan reports controller is responsible for creating background scan reports when a resource and/or policy changes
Aggregation controller takes care of aggregation per resource reports into higher level reports (per namespace)
Resources controller is responsible for watching reports that need background scan reports
I added two new flags to disable admission reports and/or background scan reports, the whole reporting system can be disabled if something goes wrong.

I also added a flag to split reports in chunks to avoid creating too large resources.

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
Co-authored-by: prateekpandey14 <prateek.pandey@nirmata.com>
 2022-09-28 17:15:16 +05:30
Charles-Edouard Brétéché
328fdc8b3d
feat: add feature flag to disable background scan (#4638) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
 2022-09-19 12:00:36 +00:00
Charles-Edouard Brétéché
9b522cb757
chore: add protectManagedResources flag to changelog (#4522) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-09-07 14:33:52 +00:00
shuting
23a1df0d7b
Cherry-pick #4233 (#4236) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2022-07-20 22:22:15 +05:30
shuting
77fb10a430
Clean up RCRs if the count exceeds the threshold (#4148) 
* Clean up RCRs if the count exceeds the limit

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Sets reports to inactive on resourceExhausted error

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix linter

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Add a container flag changeRequestLimit

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Skip generating RCRs if resourceExhausted error occurs

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* set default RCR limit to 1000

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Update log messages and CHANGELOG.md

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Address review comments

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Extract mapper to a separate file

Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2022-06-28 06:18:57 +00:00
Charles-Edouard Brétéché
2b6549fd5b
chore: remove config flags (#3786) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
 2022-05-03 17:52:10 +00:00
Charles-Edouard Brétéché
8c930134ef
feat: remove deprecated flags (#3680) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: shuting <shuting@nirmata.com>
 2022-04-26 14:53:01 +00:00
Charles-Edouard Brétéché
30261b5235
feat: add conditions support (#3378) 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: shuting <shuting@nirmata.com>
 2022-03-18 22:00:01 +08:00
Mritunjay Kumar Sharma
05bd2ff4bb
Updates Changelog to add note for anyPattern issue due to k8s v1.23 (#3045) 
* adds notes for anyPattern issue due to k8s v1.23

Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com>

* updates changelog

Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com>

* updates changelog for any/all

Signed-off-by: Mritunjay Sharma <mritunjaysharma394@gmail.com>

* Update CHANGELOG.md

Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: shuting <shutting06@gmail.com>
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>
 2022-01-26 03:36:22 +00:00
Kumar Mallikarjuna
e3c17972a8
Update CHANGELOG (#2727) 
Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>
 2021-11-16 19:31:36 +08:00
Kumar Mallikarjuna
17e671bf53
Remove redundant PDB (#2598) 
* Remove field podDisruptionBudget.enabled

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Update CHANGELOG.md

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Update CRDs

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Update CHANGELOG to 1.5.2-rc1

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>

* Remove enabled flag

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna1@gmail.com>
 2021-11-09 09:15:28 -08:00
ShutingZhao
eddd258a40 release v1.5.0-rc1 
Signed-off-by: ShutingZhao <shutting06@gmail.com>
 2021-10-07 16:04:08 -07:00
Anushka Mittal
efe0c28f6b
Fixes port names in flags (#2490) 
* fixed port names in flags

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>

* minor fixes

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>
 2021-10-06 14:41:07 -07:00
Anushka Mittal
3914c513a8
Changing flag names for consistency (#2467) 
* changing flag names for consistency

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>

* changes for backward compatibility

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>

* updated the CHANGELOG.md

Signed-off-by: anushkamittal20 <anumittal4641@gmail.com>
 2021-10-06 10:32:48 -07:00
Shuting Zhao
ec050241fc release v1.4.3 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-09-16 11:56:52 -07:00
Shuting Zhao
0660db94bd release v1.4.3-rc2 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-09-14 20:35:58 -07:00
Shuting Zhao
b3e529f817 release v1.4.3-rc1 2021-09-13 14:44:24 -07:00
Shuting Zhao
fb6e0f18ea release v1.4.2 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-08-11 12:48:37 -07:00
Shuting Zhao
7d9c06da81 tag 1.4.2-rc4 
Signed-off-by: Shuting Zhao <shutting06@gmail.com>
 2021-08-10 17:41:22 -07:00