mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00
Code Activity
1279 commits 16 branches 550 tags 288 MiB
Commit graph

1279 commits

This branch
This branch
All branches
Author SHA1 Message Date
shivkumar dudhani
f0505189d4 add log levels 2019-11-12 17:01:08 -08:00
shivkumar dudhani
d8bf7fa284 clean up fixes 2019-11-12 16:49:05 -08:00
shivkumar dudhani
f271af95cc use store to hold values and queue for keys 2019-11-12 16:01:09 -08:00
shivkumar dudhani
ccbb6e33a5 introduce policy violation generator 2019-11-12 14:41:29 -08:00
shivkumar dudhani
f788f0e526 introduce policy store 2019-11-11 11:10:25 -08:00
shivkumar dudhani
f11a05a652 create event on webhook status update 2019-11-10 13:30:15 -08:00
Shivkumar Dudhani
1613434c46
458 cleanup (#464) 
* cleanup of policy violation on policy spec changes + refactoring

* remove unused code

* remove duplicate types

* cleanup references

* fix info log and clean code

* code clean

* remove dead code
 2019-11-08 20:45:26 -08:00
Shivkumar Dudhani
687c0c6470
Merge pull request #418 from nirmata/391_feature 
Check if mutating webhook admission control is enabled
 2019-11-08 12:55:28 -08:00
Jim Bugwadia
913803a285
Merge pull request #459 from nirmata/450_fix_host_pid_ipc_policy 
fix policy
 2019-11-08 10:25:26 -08:00
Jim Bugwadia
ab2e671df5 update test scenario and change rule to audit mode 2019-11-07 19:28:48 -08:00
Jim Bugwadia
a06313b11c update policy YAML 2019-11-07 19:20:51 -08:00
Jim Bugwadia
4aac8f43a9 fix test 2019-11-07 19:19:33 -08:00
Jim Bugwadia
43e76e1237 fix policy 2019-11-07 19:03:09 -08:00
shuting
fa7d4a8868
Merge pull request #441 from nirmata/432_Improve_validation_messages 
432 improve validation messages
 2019-11-07 12:43:47 -08:00
Shuting Zhao
0c59894690 Merge branch '432_Improve_validation_messages' of https://github.com/nirmata/kyverno into 432_Improve_validation_messages 
# Conflicts:
#	pkg/engine/validation.go
#	pkg/engine/validation_test.go
#	test/scenarios/other/scenario_validate_disallow_default_serviceaccount.yaml
#	test/scenarios/other/scenario_validate_selinux_context.yaml
#	test/scenarios/samples/best_practices/scenario_valiadate_require_image_tag_not_latest_deny.yaml
#	test/scenarios/samples/best_practices/scenario_validate_disallow_default_namespace.yaml
#	test/scenarios/samples/best_practices/scenario_validate_disallow_docker_sock_mount.yaml
#	test/scenarios/samples/best_practices/scenario_validate_disallow_helm_tiller.yaml
#	test/scenarios/samples/best_practices/scenario_validate_disallow_host_filesystem.yaml
#	test/scenarios/samples/best_practices/scenario_validate_disallow_host_network_hostport.yaml
#	test/scenarios/samples/best_practices/scenario_validate_disallow_hostpid_hostipc.yaml
#	test/scenarios/samples/best_practices/scenario_validate_disallow_new_capabilities.yaml
#	test/scenarios/samples/best_practices/scenario_validate_disallow_node_port.yaml
#	test/scenarios/samples/best_practices/scenario_validate_disallow_priviledged_privelegesecalation.yaml
#	test/scenarios/samples/best_practices/scenario_validate_probes.yaml
#	test/scenarios/samples/best_practices/scenario_validate_require_pod_requests_limits.yaml
#	test/scenarios/samples/best_practices/scenario_validate_require_readonly_rootfilesystem.yaml
#	test/scenarios/samples/more/scenario_validate_container_capabilities.yaml
#	test/scenarios/samples/more/scenario_validate_sysctl_configs.yaml
 2019-11-07 12:34:38 -08:00
Shuting Zhao
ec331b8d17 remove resource info in the validation error 2019-11-07 12:30:58 -08:00
Shuting Zhao
59fb1c90cd fix test 2019-11-07 12:13:35 -08:00
Shuting Zhao
a30b8a604d update format 2019-11-07 12:13:35 -08:00
Shuting Zhao
443619757e update tests/scenario 2019-11-07 12:13:35 -08:00
Shuting Zhao
15895d3852 - aggregate resource info per rule; - remove resource info in each success message; 2019-11-07 12:13:35 -08:00
Shuting Zhao
2dec70cc72 make expected message optional in scenario file 2019-11-07 12:13:34 -08:00
Shuting Zhao
98fa90bf1e update validation_test.go 2019-11-07 12:13:34 -08:00
Shuting Zhao
58054ef5b6 remove duplicate test 2019-11-07 12:13:34 -08:00
Shuting Zhao
de9ebd899b improve validation error message; update scenario files 2019-11-07 12:13:34 -08:00
Shuting Zhao
e3c9282e6a fix edit failure blocked by annotation change 
- as we change the patches key in annotation to "policies.kyverno.io/patches" in commit bdb3f40f15
 2019-11-07 12:13:34 -08:00
shuting
9f604dc057
Merge pull request #445 from nirmata/413_known_ingress 
413 known ingress
 2019-11-07 12:08:37 -08:00
Shuting Zhao
38f1f3bbb9 Merge branch '414_mutate_safe-to-evict_emptydir' into 413_known_ingress 2019-11-06 17:58:09 -08:00
Shuting Zhao
8496a483dc - remove resource info per rule; - add resource info in each failed admission request 2019-11-06 17:14:32 -08:00
Shuting Zhao
42150f95da Merge commit '0a5ce9afbca2d8cab1e9442a02c47f2e8173d9e8' into 414_mutate_safe-to-evict_emptydir 
# Conflicts:
#	samples/best_practices/add_safe-to-evict_annotation.yaml
#	test/scenarios/samples/best_practices/scenario_mutate_safe-to-evict.yaml
 2019-11-06 16:51:57 -08:00
shuting
0a5ce9afbc
Merge pull request #447 from nirmata/446_cleanup 
remove unused yamls
 2019-11-06 16:44:48 -08:00
shuting
9ad9689764
Merge pull request #449 from nirmata/448_update_name 
update name
 2019-11-06 16:44:12 -08:00
Shuting Zhao
4daa23f530 add missing file 2019-11-06 16:40:24 -08:00
shivkumar dudhani
6d86bb80d1 update policy name in scenario 2019-11-06 16:18:16 -08:00
Shuting Zhao
b32c6bf50b remove unused code 2019-11-06 16:16:50 -08:00
Shuting Zhao
d31ace604e fix test 2019-11-06 16:16:38 -08:00
Shuting Zhao
a7aec886b4 handle processOverlay with overlayError 2019-11-06 16:16:29 -08:00
shivkumar dudhani
f33650a335 update name 2019-11-06 15:55:55 -08:00
shivkumar dudhani
9803028abc remove unused yamls 2019-11-06 15:40:19 -08:00
Jim Bugwadia
1173e062c9 - add policy and test for known ingress 
- fix messages and remove unnecessary comments in testrunner/scenario.go
 2019-11-05 19:07:44 -08:00
Jim Bugwadia
c63a2b75db Merge branch '414_mutate_safe-to-evict_emptydir' of https://github.com/nirmata/kyverno into 414_mutate_safe-to-evict_emptydir 2019-11-05 16:45:46 -08:00
Jim Bugwadia
cd3e0f46f3 add policy doc 2019-11-05 16:45:37 -08:00
Shuting Zhao
d0391ecab3 make the err "resource field is not present" a constant 2019-11-05 16:36:15 -08:00
Shuting Zhao
9f7b6eaaf6 skip applying mutate rule if condition key is not present in the resource, consider the rule as success 2019-11-05 16:27:06 -08:00
Jim Bugwadia
cab87f24ba add tect case 2019-11-05 15:32:45 -08:00
Shuting Zhao
664a85363a correct scenario test 2019-11-05 12:59:22 -08:00
Jim Bugwadia
5ded29f74e temp update for debugging 2019-11-05 12:28:44 -08:00
shuting
bdb677abf6
Merge pull request #430 from nirmata/158_array_validation 
158 array validation
 2019-11-05 11:39:05 -08:00
Shuting Zhao
662f649926 add comment to the code 2019-11-05 11:04:43 -08:00
Shuting Zhao
4195f45a42 add missing scenario test 2019-11-05 10:19:42 -08:00
Shuting Zhao
489e55d6c3 add best_practices scenario_mutate_safe-to-evict 2019-11-05 10:16:07 -08:00