kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00

Author	SHA1	Message	Date
Charles-Edouard Brétéché	c077fb49d5	chore: add performance tests tool (#5241 ) * feat: add flag to configure the number of background scan workers Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: add performance testing Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix pvc issue Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * make nodes count configurable Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * kube proxy Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * remove commented code Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * memory request Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-11-17 06:31:35 +00:00
Charles-Edouard Brétéché	e66f8a2f47	chore: enable json logs in argocd lab (#5349 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-11-15 18:15:22 +00:00
XDRAGON2002	25f8d4498b	[Feature] Pin Dependencies by Hash (#5168 ) * pin dependencies by hash Signed-off-by: Anant Vijay <anantvijay3@gmail.com> * pin scripts Signed-off-by: Anant Vijay <anantvijay3@gmail.com> Signed-off-by: Anant Vijay <anantvijay3@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-11-07 08:59:26 +00:00
Charles-Edouard Brétéché	6325860c89	chore: add loki to argocd lab (#5231 ) * chore: add loki to argocd lab Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore: add loki to argocd lab Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-11-07 08:24:59 +00:00
Charles-Edouard Brétéché	b3c5a9c741	chore: server side apply in argo lab (#5209 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-11-03 11:16:07 +00:00
Charles-Edouard Brétéché	11bfad27ec	chore: add kind config file (#5178 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-11-01 22:53:58 +08:00
Charles-Edouard Brétéché	b732158831	feat: add metrics server and kube-prometheus-stack to argocd lab (#4995 ) * feat: add policy-reporter to argocd lab Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * readme Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * readme Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * readme Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * readme Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: add metrics server and kube-prometheus-stack to argocd lab Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * readme Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * typo Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-10-16 17:34:58 +00:00
Charles-Edouard Brétéché	7aefa89839	feat: add policy-reporter to argocd lab (#4988 ) * feat: add policy-reporter to argocd lab Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * readme Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * readme Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * readme Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * readme Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Chip Zoller <chipzoller@gmail.com>	2022-10-16 17:39:43 +02:00
Charles-Edouard Brétéché	c213deab4b	chore: add argocd lab (#4884 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-10-12 07:25:48 +00:00
Lei Peng	c6da0a7800	refact：update script of generate-self-signed-cert-and-k8secrets.sh to supports custom namespace (#4758 ) Signed-off-by: hackerboy01 <penglei031303@gmail.com>	2022-10-03 18:21:46 +05:30
Charles-Edouard Brétéché	599a68e896	feat: enable autogen from makefile (#4467 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-09-01 14:14:56 +08:00
Charles-Edouard Brétéché	504acea12c	chore: remove godownloader and install-cli script (#4442 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-08-29 17:19:13 +02:00
Afzal Ansari	5262ed9225	refactor: shell to prevent globbing and word splitting (#3829 ) * refactors scripts/create-e2e-infrastruture sh Signed-off-by: afzal442 <afzal442@gmail.com> * refactors scripts/deploy-controller.sh Signed-off-by: afzal442 <afzal442@gmail.com> * refactors scripts/generate-server-cert.sh Signed-off-by: afzal442 <afzal442@gmail.com> * minor changes Signed-off-by: afzal442 <afzal442@gmail.com> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>	2022-05-07 16:46:50 +01:00
Charles-Edouard Brétéché	f34a542587	refactor: client gen code (#3695 ) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>	2022-04-27 12:30:43 +00:00
shuting	2b432490b5	Feat - add the new CR UpdateRequest for post mutation (#3592 ) * add new CR UpdateRequest Signed-off-by: ShutingZhao <shuting@nirmata.com> * add clienset for updaterequests Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-04-12 22:37:28 +05:30
Sambhav Kothari	e9e96e7b1c	Run E2E tests on all supported k8s versions (#3256 )	2022-02-23 15:52:08 +00:00
shuting	ae4d148318	Update dev image tag in Make targets (#3159 ) * - update dev images tag; - update chart testing Signed-off-by: ShutingZhao <shuting@nirmata.com> * update to use dev tag when setting up e2e tests infra Signed-off-by: ShutingZhao <shuting@nirmata.com> * default chart test image tag for busybox to latest Signed-off-by: ShutingZhao <shuting@nirmata.com> * set image tag to latest for chart testing Signed-off-by: ShutingZhao <shuting@nirmata.com> * correct tag Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove test tag in e2e.yaml Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-02-03 15:41:58 +08:00
Jim Bugwadia	b17e76493e	tighten and clarify Kyverno roles and permissions (#2799 ) * update roles and rolebindings Signed-off-by: Jim Bugwadia <jim@nirmata.com> * revert label and fix perms Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update role Signed-off-by: Jim Bugwadia <jim@nirmata.com> * restrict role Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix whitespace Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tests and roles Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove ingress extensions/v1beta1 Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix chart Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix role Signed-off-by: Jim Bugwadia <jim@nirmata.com> * tighten and clarify Kyverno roles and permissions Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fake commit to trigger workflows Signed-off-by: Jim Bugwadia <jim@nirmata.com> * revert tests and update test role Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add newlines Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove update role Signed-off-by: Jim Bugwadia <jim@nirmata.com> * make fmt Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove invalid param Signed-off-by: Jim Bugwadia <jim@nirmata.com> * cleanup roles in Helm templates Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove `mutate` cluster role binding Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-12-10 04:34:06 +00:00
Jose Armesto	831a9826d1	Restructure project to follow standards (#2632 ) Signed-off-by: Jose Armesto <github@armesto.net>	2021-10-29 18:13:20 +02:00
Sachin	e16d773957	Remove unused function (#2517 )	2021-10-11 12:46:28 -07:00
shuting	e288ed7fd2	Fix upgrade issue from 1.4.2 to 1.4.3-rc1 (#2387 ) * update git command to get tag in 'v' format Signed-off-by: Shuting Zhao <shutting06@gmail.com> add label "appVersion" to report change request Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fix linter issue Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update git hash Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-09-14 01:06:56 -07:00
Frank Jogeleit	c522343c03	Update PolicyReport CRDs to wgpolicyk8s.io/v1alpha2 (#1825 )	2021-08-21 10:35:17 -07:00
shuting	6d5e988ebe	BugFix - update the annotation lastRequestTimestamp from active instances (#2019 ) * fix webhook monitor - inactive instance did not get latest request timestamp Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add checks for registered webhook configs Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update veridy_deployment.sh Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add debug steps in e2d workflow Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fix CI errors Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-06-15 18:39:22 -07:00
vyankatesh	ab959d0ca4	bump kind to 0.11.0, k8s v1.21	2021-06-08 11:18:48 +05:30
Shuting Zhao	8affebb680	bump kind to 0.10.0, k8s 1.20.2 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-05 13:58:51 -07:00
Yashvardhan Kukreja	6f15432a21	added: make target to auto generate code (#1603 ) * added: make auto-generate target to sync the auto-generated code by kubebuilder Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> * synced: all the auto-generable files with kubebuilder's controller-gen Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>	2021-03-01 10:58:58 -08:00
shuting	d82f19be4e	Feature/fix dev mode execution (#1477 ) * add serverIP to X.509 certificate SANs * disable webhook monitor in debug mode Signed-off-by: Shuting Zhao <shutting06@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2021-01-20 15:25:27 -08:00
Yuvraj	5ecdfda4e0	Improve github action (#1385 ) * Improve github action Improve the github action fix issue Trigger Krew on relese and skip prerelease Updated create infrastructure script * More changes * More changes * Added check for prerelease * Added check for prerelease * Revert change	2020-12-15 11:46:53 -08:00
Yuvraj	2ffe9b024b	Added kustomize install script (#1392 )	2020-12-13 11:43:01 +05:30
shuting	f73c40ab4e	Migrate image to GitHub registry (#1299 ) * migrate image to GitHub registry * remove registry login	2020-11-24 11:49:08 -08:00
shuting	bc2e7fcbb3	Revert "Migrate image to GitHub registry"	2020-11-19 13:59:26 -08:00
Shuting Zhao	4d2d4b9985	Update install.yaml	2020-11-19 12:31:08 -08:00
Shuting Zhao	0d963455c9	remove jq installation	2020-11-11 14:46:22 -08:00
Shuting Zhao	06f2fd8f39	install linux tool	2020-11-11 14:33:09 -08:00
Shuting Zhao	f6b3dadfba	update ci.sh	2020-11-11 14:24:04 -08:00
Shuting Zhao	b3e5cafdec	install kustomize with a specific version in ci automation	2020-11-11 14:09:45 -08:00
shuting	5e07ecc5f3	Add Policy Report (#1229 ) * add report in cli * policy report crd added * policy report added * configmap added * added jobs * added jobs * bug fixed * added logic for cli * common function added * sub command added for policy report * subcommand added for report * common package changed * configmap added * added logic for kyverno cli * added logic for jobs * added logic for jobs * added logic for jobs * added logic for cli * buf fix * cli changes * count bug fix * docs added for command * go fmt * refactor codebase * remove policy controller for policyreport * policy report removed * bug fixes * bug fixes * added job trigger if needed * job deletation logic added * build failed fix * fixed e2e test * remove hard coded variables * packages adde * improvment added in jobs sheduler * policy report yaml added * cronjob added * small fixes * remove background sync * documentation added for report command * remove extra log * small improvement * tested policy report * revert hardcoded changes * changes for demo * demo changes * resource aggrigation added * More changes * More changes * - resolve PR comments; - refactor jobs controller * set rbac for jobs * add clean up in job controller * add short names * remove application scope for policyreport * move job controller to policyreport * add report logic in command apply * - update policy report types; - upgrade k8s library; - update code gen * temporarily comment out code to pass CI build * generate / update policyreport to cluster * add unit test for CLI report * add test for apply - generate policy report * fix unit test * - remove job controller; - remove in-memory configmap; - clean up kustomize manifest * remove dependency * add reportRequest / clusterReportRequest * clean up policy report * generate report request * update crd clusterReportRequest * - update json tag of report summary; - update definition manifests; - fix dclient creation * aggregate reportRequest into policy report * fix unit tests * - update report summary to optional; - generate clusterPolicyReport; - remove reportRequests after merged to report * remove * generate reportRequest in kyverno namespace * update resource filter in helm chart * - rename reportRequest to reportChangeRequest; -rename clusterReportRequest to clusterReportChangeRequest * generate policy report in background scan * skip generating report change request if there's entry results * fix results entry removal when policy / rule gets deleted * rename apiversion from policy.kubernetes.io to policy.k8s.io * update summary.* to lower case * move reportChangeRequest to kyverno.io/v1alpha1 * remove policy report flag * fix report update * clean up policy violation CRD * remove violation CRD from manifest * clean up policy violation code - remove pvGenerator * change severity fields to lower case * update import library * set report category Co-authored-by: Yuvraj <yuvraj.yad001@gmail.com> Co-authored-by: Yuvraj <10830562+evalsocket@users.noreply.github.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2020-11-09 11:26:12 -08:00
Jim Bugwadia	8be30879f6	print deployment YAML on timeout	2020-10-22 12:43:50 -07:00
Jim Bugwadia	2ba2222f4e	add debug info on timeout	2020-10-22 12:30:24 -07:00
Shuting Zhao	cdc5190c56	update nirmata/kyverno to kyverno/kyverno	2020-10-07 11:12:31 -07:00
Yuvraj	9c0d54f35a	e2e workflow added (#1021 ) * e2e flow added * add kustomize image change in ci	2020-08-06 11:56:31 +05:30
Pooja Singh	59b2378274	reading kyverno svc from environment variable (#962 ) * reading kyverno svc from environment variable * updated readme	2020-07-04 19:35:31 -07:00
Yuvraj	d5ea0415de	remove arm from goreleaser (#903 ) * Feature : Added complete release cycle and created install bash script for kyverno-cli	2020-06-04 11:45:37 -07:00
shivkumar dudhani	90a80db748	fix scripts	2020-03-20 09:52:30 -07:00
Shivkumar Dudhani	61b202c64a	420 init container (#501 ) * init container to cleanup stale webhook configurations if any. * remove test code * use internal pkg for os signals * move webhook cleanup before http.server shutown. * update make file and remove init * update CI script	2019-11-18 11:41:37 -08:00
Shuting Zhao	b67577994a	update apiversion to v1 in code	2019-11-13 13:41:08 -08:00
shivkumar dudhani	9803028abc	remove unused yamls	2019-11-06 15:40:19 -08:00
Shuting Zhao	a83e5c1d05	Merge commit '2192703df1bb26cb8b30a1aece6f9afeed09b214' into 254_dynamic_webhook_configurations # Conflicts: # pkg/engine/generation.go # pkg/engine/overlay.go # pkg/engine/utils.go # pkg/engine/utils_test.go # pkg/gencontroller/controller.go # pkg/gencontroller/generation.go # pkg/webhooks/mutation.go # pkg/webhooks/server.go	2019-08-19 16:44:38 -07:00
shivkumar dudhani	6580e0e73a	remove temp clientNew	2019-08-17 09:58:14 -07:00
Shuting Zhao	a110efb96c	Merge branch 'policyViolation' into 254_dynamic_webhook_configurations # Conflicts: # main.go # pkg/annotations/annotations.go # pkg/annotations/controller.go # pkg/controller/controller.go # pkg/controller/controller_test.go # pkg/engine/engine.go # pkg/engine/generation.go # pkg/engine/mutation.go # pkg/engine/validation.go # pkg/event/controller.go # pkg/webhooks/mutation.go # pkg/webhooks/policyvalidation.go # pkg/webhooks/report.go # pkg/webhooks/server.go # pkg/webhooks/validation.go	2019-08-14 19:00:37 -07:00
shivkumar dudhani	3dda879e51	policyviolation, policy controller reconciliation	2019-08-07 16:14:33 -07:00
Shuting Zhao	80d1d926ca	add profiling flags	2019-08-02 11:18:02 -07:00
Shuting Zhao	6d49a728a1	- update install_debug.yaml - add debug log	2019-07-23 17:54:31 -07:00
Shuting Zhao	edd34416e1	remove extra line for local debug	2019-07-03 14:11:18 -07:00
Shuting Zhao	d8da84a5b5	added trace in debug mode on issue faile to register webhookConfigurations	2019-07-03 14:09:52 -07:00
Shuting Zhao	b63b3b869e	create event from policy info	2019-06-26 18:04:50 -07:00
shuting	044ca7a408	- addd cleanup script - remove imagepullpolicy in install.yaml	2019-06-12 18:23:16 -07:00
shuting	1013a8a637	Allow user to run Kyverno in debug mode	2019-06-10 18:10:51 -07:00
shivdudhani	6cc4148fac	move client to pkg, helper script for self-signed certs & update documentation	2019-05-29 14:12:09 -07:00
shuting	09bfdc6ba3	- Change kube-policy to kyverno in install.yaml - Install in namespace kyverno	2019-05-21 18:36:24 -07:00
shuting	3fce50b2d3	change project name in compile-image script to kyverno	2019-05-21 13:40:17 -07:00
Maxim Goncharenko	738397ecae	Added version arg for compile-image.sh	2019-05-14 14:18:16 +03:00
Maxim Goncharenko	9e8540f280	Made update-codegen script crossplatform	2019-05-13 21:24:02 +03:00
shivdudhani	653a733a4b	code review changes: undo scripts	2019-05-08 07:38:42 -07:00
shivdudhani	0babf1f25d	redesign event & violation builders. kubeclient to provide resource handlers	2019-05-06 09:12:37 -07:00
belyshevdenis	8c8c01a452	NK-23: Fixed readme and deployment script, deleted extra resource.	2019-03-07 18:48:02 +02:00
belyshevdenis	c3b903a94b	NK-22: Fixed compile-image.sh	2019-03-01 17:40:47 +02:00
belyshevdenis	68e468a699	NK-21: Added checking request by selector. Added tests for this logic. Added test policy file for selectors.	2019-02-28 18:43:20 +02:00
belyshevdenis	81e54bb6a0	Implemented test webhook, fixed script for certificate generation, fixed project dependencies	2019-02-21 18:13:21 +02:00
belyshevdenis	0f78f5cb82	NK-10: Small fixes after dev testing	2019-02-19 18:01:47 +02:00
belyshevdenis	3661e012a5	NK-10: Implemented basic logic for mutation, added logs	2019-02-15 20:00:49 +02:00
belyshevdenis	6765c97106	NK-8: Implemented deployment script for free (local) and in-cluster usage of the controller. Added readme file for scripts, improved scripts: implemented more convenient way to pass arguments. Removed hardcode from server.go.	2019-02-13 19:57:18 +02:00
belyshevdenis	c30f4d3119	NK-8: Implemented script for generating webhook server certificates, script for building the Docker container with webserver executable, script for deploying webserver to the cluster. Provided YAMLS for webhooks service and deployment. Changed YAML for webhook configuration: now webhook server is configured as a service.	2019-02-13 15:28:16 +02:00
belyshevdenis	ed86223f3e	NK-8: Implemented basic HTTPS server with stub for mutation webhook. Implemented script for generating TLS key and certificate. Created MutatingWebhookConfiguration.yaml with declaration of future service.	2019-02-12 16:12:03 +02:00
belyshevdenis	84cd3677ab	NK17: Fixed code generation, updated README.md	2019-02-06 19:51:47 +02:00
belyshevdenis	b93fb184cc	NK2: Added script for code-generator, YAMLs with CRDs and stub for main.go	2019-02-06 14:52:09 +02:00

1 2 3

126 commits