mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Code Activity
7108 commits 15 branches 540 tags 276 MiB
Commit graph

7108 commits

This branch
This branch
All branches
Author SHA1 Message Date
Vaibhav Mewada
ea48bdeb31
changed the log level in match policy context (#9626) 
Signed-off-by: Vaibhav Mewada <vaibhav@zoop.one>
Co-authored-by: Vaibhav Mewada <vaibhav@zoop.one>
Co-authored-by: shuting <shuting@nirmata.com>
 2024-02-23 11:13:55 +00:00
Khaled Emara
2b2587469d
feat: enhance global context (#9710) 
* feat(globalcontext): add event handling

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* feat(globalcontext): handle cache sync error

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* feat(globalcontext): ensure api is called during init

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* design(events): decouple events from policies a bit

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* feat(globalcontext): use status

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): make status optional

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): status update

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): codegen

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): delete yaml annotations

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): fix status in tests

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcotext): update enqueue func

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): error

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): rbac

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): retry logic

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): unknown api call in test

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* bump

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix: set unique name for each testing resource

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: update readme

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: log msg

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: add delays

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: delay gctce creation

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* debug: check Kyverno status

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* debug: update chainsaw config

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* debug: revert chainsaw config

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* test(globalcontext): print actual status

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): add necessary delays and check status before applying

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* test(globalcontext): long refreshInterval

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* debug: log success

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* debug: print informer data

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): use client instead of informer

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* debug: print status after update

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* debug: print ResourceVersion

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* debug: remove gcecontroller from other controllers

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): update status only once

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore: remove excess logs

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): add store to cleanup controller

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-23 10:34:04 +00:00
shuting
7a93dcdbc9
chore: default logging format to rfc3339 (#9775) 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
 2024-02-23 10:01:42 +00:00
dependabot[bot]
cd023846a7
chore(deps): bump adRise/update-pr-branch from 0.7.1 to 0.7.2 (#9766) 
Bumps [adRise/update-pr-branch](https://github.com/adrise/update-pr-branch) from 0.7.1 to 0.7.2.
- [Release notes](https://github.com/adrise/update-pr-branch/releases)
- [Commits](bf25036ca6...1dc4248ce8)

---
updated-dependencies:
- dependency-name: adRise/update-pr-branch
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-23 08:54:46 +00:00
Mariam Fahmy
956b403c7e
fix: add validation check for podSecurity subrule (#9770) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2024-02-23 15:16:53 +08:00
dependabot[bot]
7888a6f875
chore(deps): bump google.golang.org/grpc from 1.61.1 to 1.62.0 (#9765) 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.61.1 to 1.62.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.61.1...v1.62.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-22 09:08:12 +00:00
Charles-Edouard Brétéché
f1504caa65
chore: bump chainsaw (#9763) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-21 18:05:08 +00:00
mohamedasifs123
cc63f6527b
Update CONTRIBUTORS.md (#9760) 
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2024-02-21 17:18:27 +00:00
Mariam Fahmy
0d7cb9527f
feat: support bindings in Kyvenro CLI test command (#9759) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2024-02-21 14:00:42 +00:00
dependabot[bot]
7b881aca9d
chore(deps): bump go.uber.org/zap from 1.26.0 to 1.27.0 (#9755) 
Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.26.0 to 1.27.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uber-go/zap/compare/v1.26.0...v1.27.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-21 08:33:31 +00:00
Mariam Fahmy
2a277a01c4
feat: apply VAP bindings in CLI apply command in offline mode (#9751) 
* feat: apply VAP bindings in CLI apply command in offline mode

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix lint

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix chainsaw tests

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2024-02-21 07:52:25 +00:00
mohamedasifs123
d566e9886c
Fix :variables are not getting processed in validation message for "anyPattern" (#9713) 
* Update validate_resource.go

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Create pod.yaml

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Create chainsaw-test.yaml

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Create policy.yaml

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update validate_resource.go

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* test

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* test

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* test

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* test

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update chainsaw-test.yaml

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Create README.md

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/variable-substitution-failure-messages/README.md

Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/variable-substitution-failure-messages/README.md

Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/variable-substitution-failure-messages/chainsaw-test.yaml

Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/variable-substitution-failure-messages/README.md

Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

---------

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
 2024-02-21 07:20:43 +00:00
mohamedasifs123
66f54d8fd6
fix: Policies skipped because of preconditions not met should not be included in admission requests denial responses (#9719) 
* Update block.go

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update block.go

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* lint

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update block.go

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* test added

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* test

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* test

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* --signoff

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Create README.md

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Rename Policy1.yaml to policy-1.yaml

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/check-message-upon-resource-failure/README.md

Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/check-message-upon-resource-failure/README.md

Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update test/conformance/chainsaw/validate/clusterpolicy/cornercases/check-message-upon-resource-failure/chainsaw-test.yaml

Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Rename Policy2.yaml to policy-2.yaml

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* Update chainsaw-test.yaml

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

---------

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2024-02-20 15:42:18 +00:00
dependabot[bot]
d03dac87d6
chore(deps): bump adRise/update-pr-branch from 0.7.0 to 0.7.1 (#9750) 
Bumps [adRise/update-pr-branch](https://github.com/adrise/update-pr-branch) from 0.7.0 to 0.7.1.
- [Release notes](https://github.com/adrise/update-pr-branch/releases)
- [Commits](cd305ecbd7...bf25036ca6)

---
updated-dependencies:
- dependency-name: adRise/update-pr-branch
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-20 12:21:05 +00:00
mohamedasifs123
d114b282de
add plural form aliases for resources and exceptions flags (#9749) 
* Update command.go

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* lint

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

* lint

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>

---------

Signed-off-by: mohamedasifs123 <142201466+mohamedasifs123@users.noreply.github.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
 2024-02-19 21:35:23 +00:00
dependabot[bot]
cd0f2847db
chore(deps): bump github.com/opencontainers/image-spec (#9741) 
Bumps [github.com/opencontainers/image-spec](https://github.com/opencontainers/image-spec) from 1.1.0-rc6 to 1.1.0.
- [Release notes](https://github.com/opencontainers/image-spec/releases)
- [Changelog](https://github.com/opencontainers/image-spec/blob/main/RELEASES.md)
- [Commits](https://github.com/opencontainers/image-spec/compare/v1.1.0-rc6...v1.1.0)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/image-spec
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-18 14:29:21 +00:00
Charles-Edouard Brétéché
ae93f8c69f
chore: split codecov jobs (#9748) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-18 05:40:30 +05:30
dependabot[bot]
f2ffb0bac2
chore(deps): bump sigs.k8s.io/controller-runtime from 0.17.1 to 0.17.2 (#9742) 
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.17.1 to 0.17.2.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.17.1...v0.17.2)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-16 09:45:49 +00:00
dependabot[bot]
73a7736a5a
chore(deps): bump fossas/fossa-action from 1.3.2 to 1.3.3 (#9740) 
Bumps [fossas/fossa-action](https://github.com/fossas/fossa-action) from 1.3.2 to 1.3.3.
- [Release notes](https://github.com/fossas/fossa-action/releases)
- [Commits](32c7979e97...47ef11b1e1)

---
updated-dependencies:
- dependency-name: fossas/fossa-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-16 07:43:13 +00:00
dependabot[bot]
097943b49e
chore(deps): bump fossas/fossa-action from 1.3.1 to 1.3.2 (#9729) 
Bumps [fossas/fossa-action](https://github.com/fossas/fossa-action) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/fossas/fossa-action/releases)
- [Commits](f61a4c0c26...32c7979e97)

---
updated-dependencies:
- dependency-name: fossas/fossa-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-15 20:46:30 +00:00
dependabot[bot]
abe64d8aae
chore(deps): bump google.golang.org/grpc from 1.61.0 to 1.61.1 (#9726) 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.61.0 to 1.61.1.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.61.0...v1.61.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-15 16:37:33 +00:00
dependabot[bot]
e6a830ec39
chore(deps): bump JasonEtco/create-an-issue from 2.9.1 to 2.9.2 (#9731) 
Bumps [JasonEtco/create-an-issue](https://github.com/jasonetco/create-an-issue) from 2.9.1 to 2.9.2.
- [Release notes](https://github.com/jasonetco/create-an-issue/releases)
- [Commits](e27dddc79c...1b14a70e4d)

---
updated-dependencies:
- dependency-name: JasonEtco/create-an-issue
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-15 14:08:40 +00:00
Charles-Edouard Brétéché
91e11e69b3
chore: bump k8s deps (#9737) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-15 12:23:12 +01:00
dependabot[bot]
771f76b7f0
chore(deps): bump kyverno/action-install-chainsaw from 0.1.3 to 0.1.4 (#9730) 
Bumps [kyverno/action-install-chainsaw](https://github.com/kyverno/action-install-chainsaw) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/kyverno/action-install-chainsaw/releases)
- [Commits](07b6c98657...8307cf9038)

---
updated-dependencies:
- dependency-name: kyverno/action-install-chainsaw
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-15 09:10:20 +01:00
dependabot[bot]
03c6635b6c
chore(deps): bump sigs.k8s.io/controller-runtime from 0.17.0 to 0.17.1 (#9716) 
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.17.0 to 0.17.1.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.17.0...v0.17.1)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-13 08:19:04 +00:00
Mariam Fahmy
31bb10722e
fix: add the support of v2alpha1 exceptions in the CLI (#9714) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2024-02-12 22:57:03 +00:00
dependabot[bot]
bd37cbb9cc
chore(deps): bump helm/kind-action from 1.8.0 to 1.9.0 (#9715) 
Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.8.0 to 1.9.0.
- [Release notes](https://github.com/helm/kind-action/releases)
- [Commits](dda0770415...99576bfa6d)

---
updated-dependencies:
- dependency-name: helm/kind-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-12 22:25:12 +01:00
dependabot[bot]
56d696d22f
chore(deps): bump golangci/golangci-lint-action from 3.7.0 to 3.7.1 (#9711) 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 3.7.0 to 3.7.1.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](3a91952989...3cfe3a4abb)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-09 08:29:54 +00:00
Charles-Edouard Brétéché
a9780b835f
chore: bump otel deps (#9709) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-09 03:50:06 +05:30
Charles-Edouard Brétéché
a1cb4f1c30
fix: remove deprecated imageSignatureRepository flag (#9698) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-08 12:10:29 +00:00
dependabot[bot]
c2dda83d6e
chore(deps): bump golang.org/x/crypto from 0.18.0 to 0.19.0 (#9701) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.18.0 to 0.19.0.
- [Commits](https://github.com/golang/crypto/compare/v0.18.0...v0.19.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-08 11:07:13 +00:00
Charles-Edouard Brétéché
7775541b46
fix: reports aggregation (#9697) 
* chore: rename admission to ephemeral in reports aggregation controller

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: reports aggregation

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* second queue

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* cleanup

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* nit

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* flag

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-08 10:36:01 +00:00
Khaled Emara
10258921ac
feat(validation-webhook): validate global context reference (#9678) 
* feat(validation-webhook): validate global context reference

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(validation-webhook): global reference name

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* test(globalcontext): fix tests after valdiation

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(policycache): dont add NotReady Policies

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): rename e2e tests

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): add entry errors

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* test(globalcontext): fix chainsaw  test

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
 2024-02-08 07:46:58 +00:00
Suruchi Kumari
704c6722ec
[Bug] Fix message and formatting of podSecurity validation failure with restrictedField (#9658) 
* fix format

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>

* fix test

Signed-off-by: GitHub <noreply@github.com>

---------

Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com>
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-08 12:16:23 +08:00
shuting
1c72599ff1
mark doc as required for new features (#9694) 
Signed-off-by: shuting <shuting@nirmata.com>
 2024-02-07 11:50:49 +00:00
Mariam Fahmy
7a2740a2a2
fix: modify the conformance config name (#9691) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2024-02-07 11:02:31 +00:00
Charles-Edouard Brétéché
6f440ab6c0
chore: rename admission to ephemeral in reports aggregation controller (#9690) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-07 10:29:56 +00:00
Mariam Fahmy
c815e9bb8f
feat: add chainsaw tests for exceptions (#9672) 
* feat: add chainsaw tests for exceptions

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix test

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-07 17:58:41 +08:00
dependabot[bot]
205cf6ad96
chore(deps): bump go.opentelemetry.io/otel/exporters/prometheus (#9688) 
Bumps [go.opentelemetry.io/otel/exporters/prometheus](https://github.com/open-telemetry/opentelemetry-go) from 0.45.0 to 0.45.1.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/bridge/opencensus/v0.45.0...example/prometheus/v0.45.1)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/prometheus
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-07 08:47:26 +00:00
dependabot[bot]
6591b6ca12
chore(deps): bump kyverno/action-install-chainsaw from 0.1.2 to 0.1.3 (#9682) 
Bumps [kyverno/action-install-chainsaw](https://github.com/kyverno/action-install-chainsaw) from 0.1.2 to 0.1.3.
- [Release notes](https://github.com/kyverno/action-install-chainsaw/releases)
- [Commits](56be3cb4ec...07b6c98657)

---
updated-dependencies:
- dependency-name: kyverno/action-install-chainsaw
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-07 07:44:21 +00:00
Charles-Edouard Brétéché
64176cdbea
fix: don't delete garbage collected policy reports (#9679) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-07 07:10:51 +00:00
Charles-Edouard Brétéché
f1c81dbc69
feat: remove admission controller (#9677) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-07 06:20:35 +00:00
Charles-Edouard Brétéché
45027e4e8e
chore: bump kind and k8s images (#9680) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-07 00:41:22 +00:00
Mariam Fahmy
6c9fdaf52b
feat: add chainsaw test for policy webhook based configuration (#9645) 
* feat: add chainsaw test for policy webhook based configuration

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-06 18:05:45 +00:00
Khaled Emara
1eda4789d1
test(globalcontext): add e2e tests (#9661) 
* fix(globalcontext): validation

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): use existence instead of ready for now

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): improve not ready error message

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): allow any APICall

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* fix(globalcontext): prevent double marshal

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* test(globalcontext): add e2e tests

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

* chore(globalcontext): move vaildation to OpenAPI V3

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>

---------

Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
 2024-02-06 17:03:32 +00:00
Mariam Fahmy
ace5b59003
feat: add chainsaw tests for pod security in exceptions (#9667) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
 2024-02-06 13:07:58 +00:00
dependabot[bot]
ba01f95266
chore(deps): bump aquasecurity/trivy-action from 0.16.1 to 0.17.0 (#9663) 
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.16.1 to 0.17.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](d43c1f16c0...84384bd6e7)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-06 08:50:44 +00:00
dependabot[bot]
7d7a8cd994
chore(deps): bump fluxcd/flux2 from 2.2.2 to 2.2.3 (#9664) 
Bumps [fluxcd/flux2](https://github.com/fluxcd/flux2) from 2.2.2 to 2.2.3.
- [Release notes](https://github.com/fluxcd/flux2/releases)
- [Changelog](https://github.com/fluxcd/flux2/blob/main/.goreleaser.yml)
- [Commits](5c5c15ea21...534684601e)

---
updated-dependencies:
- dependency-name: fluxcd/flux2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-06 08:56:57 +01:00
Charles-Edouard Brétéché
37340266ba
fix: add missing migrations (#9657) 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
 2024-02-05 20:11:35 +01:00
Khaled Emara
589446da5d
chore(globalcontext): drop globalcontext flag (#9652) 
Signed-off-by: Khaled Emara <mail@KhaledEmara.dev>
Co-authored-by: shuting <shuting@nirmata.com>
 2024-02-05 16:31:08 +00:00