mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-07 00:17:13 +00:00
Code Activity
1303 commits 17 branches 550 tags 289 MiB
Commit graph

630 commits

Author SHA1 Message Date
Shuting Zhao
38bf4d6055 add 'deny-use-of-host-fs' 2019-10-10 18:42:54 -07:00
Shuting Zhao
17f7eb6213 Merge branch 'master' into best_practice_policies 2019-10-10 18:15:55 -07:00
shivkumar dudhani
fd72ee3178 add unit tests 2019-10-10 17:34:20 -07:00
shivkumar dudhani
f6367cfe4a add negation anchor 2019-10-10 16:59:08 -07:00
Shuting Zhao
300665b22b Merge branch 'best_practice_policies' of https://github.com/nirmata/kyverno into best_practice_policies 2019-10-10 12:30:14 -07:00
Shuting Zhao
24f3b8ac96 disallow automountServiceAccountToken 2019-10-10 12:29:48 -07:00
shivkumar dudhani
dbc35eb8f4 enable disabled tests 2019-10-10 12:22:07 -07:00
Shuting Zhao
7fcc6bbd33 require default namespace resource quota 2019-10-10 10:46:11 -07:00
Shuting Zhao
3087257b46 disallow use of default namespace 2019-10-10 10:34:49 -07:00
Shuting Zhao
012360ae3a allow trusted registries 2019-10-10 10:29:10 -07:00
Shuting Zhao
4d29b461ff add require_image_tag_not_latest.yaml 2019-10-09 18:35:07 -07:00
Shuting Zhao
b5475fda5d comment out failed testscenarios 2019-10-09 18:31:09 -07:00
Shuting Zhao
3e1ef320a8 add require_probes.yaml 2019-10-09 17:49:00 -07:00
Shuting Zhao
ea25ed8460 add check-pod-request-limit.yaml 2019-10-09 17:37:31 -07:00
Shuting Zhao
18c190447f update require-readonly-rootfilesystem.yaml 2019-10-08 22:09:58 -07:00
Shuting Zhao
cb44585d70 add disallow_readonly_rootfilesystem.yaml 2019-10-08 22:05:15 -07:00
Shuting Zhao
c755df6b70 add scenario_validate_disallow_hostpid_hostipc.yaml 2019-10-08 21:58:05 -07:00
Shuting Zhao
ce41e4a99d add disallow_host_network_hostport.yaml 2019-10-08 21:51:35 -07:00
Shuting Zhao
0c0a9a69a6 add disallow_priviledged_privelegesecalation.yaml 2019-10-08 21:42:49 -07:00
Shuting Zhao
137d596e11 rename EngineResponseNew to EngineResponse accordingly 2019-10-08 16:23:24 -07:00
shuting
5c38c28904
Merge pull request #369 from nirmata/368_bug 
update engineResponse Name
 2019-10-08 16:02:07 -07:00
Shivkumar Dudhani
d973e84084
Merge pull request #366 from nirmata/best_practice_policies 
Add best practice policies
 2019-10-08 15:51:19 -07:00
Shuting Zhao
d7080c2d94 fix pr comment 2019-10-08 14:21:47 -07:00
shivkumar dudhani
70ff2fa177 update engineResponse Name 2019-10-08 10:57:24 -07:00
Shuting Zhao
2077409c85 fix 365 annotation_bug 2019-10-07 18:31:14 -07:00
Shuting Zhao
cac41d9fda using anyPattern for allowed image registries 2019-10-07 14:34:32 -07:00
Shuting Zhao
87d9cdd9dd best practice: volume white list 2019-10-07 12:46:34 -07:00
Shuting Zhao
16a851cd8b update sysctl 2019-10-07 11:35:04 -07:00
Shuting Zhao
c80f9e0f9d best_practice: sysctl 2019-10-07 11:21:14 -07:00
Shuting Zhao
2243e9e2e7 best practice: validate container capability 2019-10-04 18:15:39 -07:00
Shuting Zhao
0c09ba53eb best-practice: validate default proc mount 2019-10-04 17:48:57 -07:00
Shuting Zhao
1bd8663e4c add selinux best practice 2019-10-04 17:28:42 -07:00
Shuting Zhao
04c147eb77 add security context "fsgroup" 2019-10-04 16:50:23 -07:00
Shuting Zhao
57456e5f06 improve code 2019-10-03 18:19:47 -07:00
Shuting Zhao
ae393f567d make validation checks on different block internally 2019-10-03 17:53:46 -07:00
Shuting Zhao
e20d86f45c remove duplicate code: hasMutate.. 2019-10-03 17:00:05 -07:00
Shuting Zhao
c56c5c365d Provide more details to policy validation errors 2019-10-03 16:49:41 -07:00
Shuting Zhao
572418795a add validate checks for generate 2019-10-03 14:47:50 -07:00
Shuting Zhao
9d0b4c7d30 validate anchor in mutate and validate rule 2019-10-03 12:52:58 -07:00
shivkumar dudhani
c4e263564f CR: uncomment deadcode 2019-10-01 16:59:26 -07:00
shivkumar dudhani
7782c776f1 merge with master 2019-10-01 16:28:54 -07:00
Shivkumar Dudhani
e02d334dfc
Merge pull request #358 from nirmata/346_validate_policy 
346 validate policy
 2019-10-01 16:25:09 -07:00
Shuting Zhao
3ee2d57694 ignore kinds check on exclude resource description 2019-10-01 15:01:24 -07:00
shivkumar dudhani
515a31199e update equality operator 2019-10-01 13:08:34 -07:00
Shuting Zhao
a620c14c58 fix PR comment 2019-10-01 12:41:10 -07:00
shivkumar dudhani
17d80a08c0 introduce equality anchor 2019-10-01 12:35:14 -07:00
Shuting Zhao
8b174235df add unit tests 2019-10-01 11:50:10 -07:00
shivkumar dudhani
c3a2256c1c process policy in namespaces 2019-09-28 15:39:06 -07:00
shivkumar dudhani
56b2d2990b clean up 2019-09-28 14:20:39 -07:00
shivkumar dudhani
808cccb421 update validation logic 2019-09-28 14:09:46 -07:00