mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-07 00:17:13 +00:00
Code Activity
2651 commits 17 branches 550 tags 289 MiB
Commit graph

1443 commits

Author SHA1 Message Date
evalsocket
c319add062 used raw object 2020-07-10 17:01:48 -07:00
evalsocket
a64789c59d code fixes 2020-07-10 16:59:17 -07:00
evalsocket
8cf5cd70fe remove log 2020-07-10 15:43:49 -07:00
evalsocket
26ae7e2052 merge master changes 2020-07-10 15:25:05 -07:00
evalsocket
8289450c1c bug fixes 2020-07-10 15:23:07 -07:00
evalsocket
44a164b184 validation added 2020-07-10 12:27:31 -07:00
evalsocket
014db64ed2 validation added for deny request for generated resource 2020-07-10 11:48:27 -07:00
Yuvraj
ffe18aab86
Resolve Kyverno panic when sync the generate request (#975) 
* handle validate error panic

* return error in validate array

* fix error log message

Co-authored-by: Yuvraj <yuvraj@neualto.com>
 2020-07-09 11:50:05 -07:00
shuting
87fa77fbcc
965 add validate audit handler (#967) 
* store policy names cache to reduce lookup time

* add validate audit handler

* fix #958, remove auto-gen annotation on Pod

* formatting code

* update processTime to readable format

* #586, add back unit test

* update logging info

* remove unused interface

* handle generate policy in a single thread in weboook

* resolve pr comments
 2020-07-09 11:48:34 -07:00
Yuvraj
85d2ac9f84 added validation log 2020-07-09 05:48:35 -07:00
Yuvraj
b708770be1 added label for synchronize 2020-07-08 14:22:32 -07:00
Yuvraj
50b849aead delete generated resource logic added 2020-07-08 08:01:47 -07:00
Yuvraj
de51a7fdbd Merge branch 'master' of github.com:nirmata/kyverno into fix-976 2020-07-08 06:18:56 -07:00
Yuvraj
604dc395d8 check added for kyverno managed resource 2020-07-08 06:18:18 -07:00
NoSkillGirl
d01d5226a6 small fix 2020-07-07 17:40:54 +05:30
NoSkillGirl
643fe77394 added variable validation for validate 2020-07-07 17:11:37 +05:30
NoSkillGirl
2fde3146e8 added more validation for policies 2020-07-07 17:08:57 +05:30
Pooja Singh
59b2378274
reading kyverno svc from environment variable (#962) 
* reading kyverno svc from environment variable

* updated readme
 2020-07-04 19:35:31 -07:00
Jim Bugwadia
c962971372
Update mutate overlay to handle keys with slashes for labels (like annotations). Added debug V4 logs for mutate flows. (#972) 2020-07-04 19:32:11 -07:00
Jim Bugwadia
acff2f1237 handle nil error 2020-07-03 17:42:08 -07:00
shuting
ed52bd3d9f
Add policy cache based on policyType (#960) 
* add policy cache based on policyType

* fetch policy from cache in webhook

* add unit test for policy cache

* update log for exclude resources filter

* skip webhook mutation on DELETE operation

* remove duplicate k8s version check

* add description
 2020-07-02 12:49:10 -07:00
Pooja Singh
ac5d69895a
removing hardcoded namespace from the code (#955) 
* removing hardcoded namespace from the code

* Added to helm chart

* removing hard-coded namespace and deployment name from config, generate, checker

* added namespace to configMap, service, serviceAccount

* updated installation documentation

passing `KYVERNO_NAMESPACE` while running in debug mode.

* Update installation.md

removing `kyverno` only namespace note
 2020-07-01 14:50:49 -07:00
Jim Bugwadia
05250c2870
replace deletion timestamp check (#961) 2020-06-30 23:30:31 -07:00
Jim Bugwadia
65193feccb
update logging, naming, and event retry (#959) 
* update logging and naming

* check per policy patch count
 2020-06-30 11:53:27 -07:00
NoSkillGirl
8bbc722e7b small fixes 2020-06-26 12:48:45 +05:30
NoSkillGirl
b589169b5e Added in-notin operator 2020-06-26 12:48:45 +05:30
NoSkillGirl
e8c4050d49 Added In and NotIn Operators 2020-06-26 12:48:12 +05:30
shuting
abb51348cf
skip inserting auto-gen annotation to podController on UPDATE admission request (#953) 2020-06-25 17:24:10 -07:00
shuting
7ffeb6efca
skip generate violation on pre-exist pod (#952) 2020-06-25 09:52:54 -07:00
shuting
06a2b246dd
Background mode only apply to running pods (#949) 
* background mode process Running pod only

* update debug doc
 2020-06-25 09:52:27 -07:00
shuting
da943325fe
Ignore auto-gen annotation on Pod when processing DENY rule (#944) 
* ignore auto-gen annotation on Pod when processing DENY rule

* remove unused code
 2020-06-24 10:26:04 -07:00
Yuvraj
01724d63cf
Synchronize data for generated resources (#933) 
* Generate request added fro update resource

* synchronize flag added

* documentation added for keeping resource synchronized

Signed-off-by: Yuvraj <yuvraj.yad001@gmail.com>
 2020-06-23 07:19:43 +05:30
NoSkillGirl
6cfd4d345b Updated error messages as per the convention (lowercase) 2020-06-21 11:52:50 +05:30
NoSkillGirl
7e2dbd87fe Modified error messages 2020-06-21 11:48:57 +05:30
NoSkillGirl
c482459e0e updated sanitized error 2020-06-18 13:57:32 +05:30
Jim Bugwadia
912bc3ccc4 - fix panic in log and improve CLI error reporting 2020-06-12 18:23:59 -07:00
NoSkillGirl
054a119063 simplified exit code 2020-06-09 12:55:42 +05:30
NoSkillGirl
e267757d30 Added more exit codes and update Readme 2020-06-08 17:01:56 +05:30
NoSkillGirl
2d74937bd6 Added different exit code(3) on invalid policy 2020-06-08 11:50:56 +05:30
shuting
1c5fc22aa0
Tag release 1.1.6 (#911) 
* tag v1.1.6-rc5

* tag 1.1.6
 2020-06-04 17:13:16 -07:00
shuting
b3a1e51a84
bug fix auto-gen annotation reported as violation (#902) 
* fix auto-gen annotation reported as violation

* update log
 2020-06-03 17:47:06 -07:00
Shuting Zhao
d56c1ac15f remove debug log 2020-06-01 19:38:21 -07:00
Shuting Zhao
a1d7816c10 fix violation updates when there's no change 2020-06-01 19:37:48 -07:00
Shuting Zhao
52d45ec3c5 fix resource schema not found error 2020-06-01 19:36:01 -07:00
Jim Bugwadia
07e93e0638
Merge pull request #890 from NoSkillGirl/enhancement/multipart-yaml 
Handling Multi YAML (Policies and Resources)
 2020-06-01 10:24:29 -07:00
NoSkillGirl
230ba9db68 removing unnecessary logs 2020-06-01 18:04:16 +05:30
NoSkillGirl
83a3ae14c6 small fix 2020-06-01 17:15:23 +05:30
NoSkillGirl
64185291da fixed issue commits 2020-06-01 16:49:40 +05:30
NoSkillGirl
0447fc300e Handling Multi Yaml (Policies and Resources) 2020-05-29 15:32:29 +05:30
Jim Bugwadia
5cdcbec3c9
Bugfix/1.1.6 adjust resync and cleanup unused (#884) 
* - support wildcards for namespaces

* do not annotate resource, unless policy is an autogen policy

* close HTTP body

* improve messages

* remove policy store

Policy store was not fully implemented and simply provided a way
to list all polices and get a policy by name, which can be done via
standard client-go interfaces.

We need to revisit and design a better PolicyStore that provides fast
lookups for matching policies based on names, namespaces, etc.

* handle wildcard namespaces in background processing

* fix unit tests 1) remove platform dependent path usage 2) remove policy store

* add test case for mutate with wildcard namespaces

* adjust all resync periods

* remove unused data fields

* add pattern for match
 2020-05-27 19:51:34 -07:00