mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00
Commit graph

2496 commits

Author SHA1 Message Date
Byron Ibarra
f0c0000746
Fix UpdateRequest labeling (#4199)
Co-authored-by: Byron Ibarra V <bibarrav@falabella.cl>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-07-12 18:40:05 +05:30
Jim Bugwadia
531355adce
Release 1.7 (#4200)
* cherry-pick fix attestation checks https://github.com/kyverno/kyverno/pull/3999

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove TUF initialization from main (#4098)

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix imageVerify validation checks and conversion logic (#4038)

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>

* release event memory (#4138)

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>

* fix merge of image verify and mutate patches

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix patch join

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* handle embedded strings with spaces

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-07-10 20:00:00 -07:00
Vyankatesh Kudtarkar
0cb9b9c248
external.metrics.k8s.io/v1beta1 issue (#4182)
Signed-off-by: Vyankatesh vyankateshkd@gmail.com

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-07-01 05:05:15 +00:00
Prateek Pandey
3b607807de
delete policy reports on policy deletion (#4174) (#4175)
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-07-01 04:41:05 +00:00
Prateek Pandey
2ad7da76b4
feat: split policy report per policy bases (#4147) (#4166)
* feat: split policy report per policy bases

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* add policy name as a handler key

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* update merge change request logic

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* handle the delete resource update on policy report

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* add splitPolicyReport feature gate

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* delete old reports if splitPolicyReport feature enable

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* use trim policyname as label and create name

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* fix change request result

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-06-28 16:32:52 +00:00
shuting
4aff3de0fe
Re-implement #4159 (#4165)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-28 09:54:22 +00:00
shuting
1ca2f3ce1d
Cherry pick #4155 (#4164)
* Re-implement #4155

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Address https://github.com/kyverno/kyverno/pull/4162 comments

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-28 09:27:34 +00:00
shuting
4ba30ee140
Cherry-pick #4148
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-28 16:21:53 +08:00
Jim Bugwadia
6be50399bd
Cherry-pick #4138 to 1.7 (#4160)
* cherry-pick fix attestation checks https://github.com/kyverno/kyverno/pull/3999

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove TUF initialization from main (#4098)

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix imageVerify validation checks and conversion logic (#4038)

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>

* release event memory (#4138)

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-06-28 11:56:45 +08:00
ShutingZhao
b666bedd83
fix build failures
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-17 13:17:57 +05:30
Charles-Edouard Brétéché
fc5a5eaae3
cherry-pick #4013
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-06-17 13:17:57 +05:30
Prateek Pandey
55f26601c7
fix: use policyName key to get the policy name (#4113)
In case of namespace policy `ur.spec.policy`
contains namespace/policy-name combinations, hence
can't be used to set the policy name label.

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-06-17 00:56:54 +08:00
Prateek Pandey
65a812db4c
fix: handle nil ur while retry (#4109)
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-06-15 17:57:15 +08:00
Jim Bugwadia
5baa956e11
Release 1.7 (#4099)
* cherry-pick fix attestation checks https://github.com/kyverno/kyverno/pull/3999

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove TUF initialization from main (#4098)

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-06-10 10:40:47 +01:00
shuting
1f4575678c
Fix labels with invalid chars (#4034) (#4035)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-05-30 05:46:03 +00:00
shuting
845a83d3e2
Cherry-pick #4022 (#4033)
* Cherry-pick #4022

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Remove unused file
2022-05-30 09:26:03 +05:30
Charles-Edouard Brétéché
f2c8096d5f
Cherry pick #4007 #4008 (#4020)
* fix: remove update ur status in generator (#4008)

* fix: stop mutating cached resource in ur controller (#4003)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit dac733755b)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: remove update ur status in generator

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit 2e91d233c0)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* cherry pick #4007

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-25 08:15:59 +00:00
Charles-Edouard Brétéché
56d32e93e7
fix: stop mutation policies when autogen internals is enabled (#4004,#4009,#3996) (#4016)
* fix: stop mutation policies when autogen internals is enabled (#4004)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit c9f8a68d8a)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: use background helper in ur generator (#4009)

* fix: stop mutating cached resource in ur controller (#4003)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit dac733755b)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: use background helper in ur generator

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit 3a3556919f)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* refactor: move label helper utils from policy package to background package (#3996)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit 1712dfa947)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-25 12:14:40 +08:00
Jim Bugwadia
eaa629714e
cherry-pick fix attestation checks https://github.com/kyverno/kyverno/pull/3999 (#4015)
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2022-05-24 16:25:26 +00:00
Charles-Edouard Brétéché
d55f2c34a2
refactor: add policy event listener in ur controller (#4012) (#4014)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit cd1fa030ee)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-24 16:01:11 +00:00
shuting
93c69780bb
Support @ for mutate targets (#3998) (#4010)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-05-24 13:05:50 +00:00
Prateek Pandey
07e1afaa61
fix: stop mutating cached resource in ur controller (#4003) (#4006)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-24 16:09:51 +05:30
Charles-Edouard Brétéché
78e7c5dc18
fix: move ur controller filtering in reconciler (#3964) (#3994)
* refactor: use BackgroundProcessingEnabled method

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* refactor: webhooks metrics reporting

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* refactor: metrics package

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: move ur controller filtering in reconciler (#3964)

* fix: move ur controller filtering in reconciler

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: mark ur retry on conflict

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: test data

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: add filter back in update ur handler

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: added some logs about attempts and increased backoff

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: reconciliation logic

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: Test_Generate_Synchronize_Flag

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: small nits

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
(cherry picked from commit 1936d86623)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: conflicts

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-23 23:53:49 +08:00
Prateek Pandey
8dbadbc96b
fix: release ur when handler pod is gone (#3993)
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-05-23 14:23:10 +00:00
Prateek Pandey
97b874897b
fix: mark ur retry on conflict (#3961) (#3963)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-18 07:20:07 +00:00
Prateek Pandey
3f47ab6a5d
Cherry pick #3953 #3955 (#3960)
* Cleanup URs on trigger deletion (#3955)

* Clean URs on trigger deletion

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Make kyverno api import aliases consistent

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Fix gofumpt error

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Remove unused code

Signed-off-by: ShutingZhao <shuting@nirmata.com>

Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>

* fix panic issue for ur (#3953)

* fix the import

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-05-18 11:45:29 +08:00
Prateek Pandey
7d66968d7f
fix: handle UR delete once trigger namespace deleted (#3934) (#3938)
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-05-17 15:41:42 +08:00
Prateek Pandey
000c90d424
fix: use patch to update handler status in UR (#3927)
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-05-17 12:59:11 +08:00
shuting
e779cb866a
Cleanup the UR for mutate policies once it's completed (#3923)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2022-05-16 04:45:44 +00:00
Jim Bugwadia
f05d86d375
cherry-pick #3893 (#3895)
2022-05-12 04:16:15 +00:00
Vyankatesh Kudtarkar
a0eadad77b
Fix subject match selector issue in cli (#3887) (#3892)
Signed-off-by: Vyankatesh vyankateshkd@gmail.com
2022-05-11 16:36:42 +00:00
Prateek Pandey
44be131ed0
skip var checks in attestations (#3876) (#3885)
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2022-05-11 09:57:00 +00:00
shuting
0e6bf44b0f
Handle errors properly for mutate and generate on existing resources (#3863) (#3866)
Signed-off-by: ShutingZhao <shuting@nirmata.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-05-10 23:08:50 +05:30
Prateek Pandey
eb25d6dc6f
refactor: remove unused functions (#3844)
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-05-10 18:13:25 +08:00
Vyankatesh Kudtarkar
737d3bdd36
handle subresources (#3841) (#3848)
* handle subresources

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* make fmt

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix logger name

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix webhook and logs

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* make fmt

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>

Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
2022-05-10 12:34:17 +08:00
Prateek Pandey
8b6d3d1f6a
feat: trigger generate on existing matched resource (#3819)
* feat: trigger generate on existing matched resource

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* refactor the triggers and fix review comments

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* add trigger for other matching kinds

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* implement match exclude using dynamic client

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* refactor generate trigger

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* increase sleep timeout

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* optimize unstructured list

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* fix review comments

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

* log refactor and clean debug comments

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2022-05-09 07:13:11 +00:00
Charles-Edouard Brétéché
bbe65959bc
refactor: webhook config package (part 2) (#3833)
* refactor: webhookconfig package (part 1)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* refactor: webhook config package (part 2)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-08 14:14:31 +02:00
Charles-Edouard Brétéché
af56adb0a6
refactor: webhookconfig package (part 1) (#3831)
* refactor: webhookconfig package (part 1)

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: sonatype issue

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-08 12:47:49 +01:00
Jim Bugwadia
69ac94b0ee
fix check and add logs (#3838)
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2022-05-08 07:45:02 +00:00
Sambhav Kothari
2dc54e5c1b
Allow variables of any kind to be defined (#3828)
Signed-off-by: Sambhav Kothari <skothari44@bloomberg.net>
2022-05-07 20:30:11 +00:00
Charles-Edouard Brétéché
306b22a5db
fix: policy deletion in webhookconfig (#3832)
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2022-05-07 21:09:19 +01:00
Afzal Ansari
3845225db1
refactor: imported pkg redeclared and a few other unused func (#3827)
* Removes paths redeclared

Signed-off-by: afzal442 <afzal442@gmail.com>

* fixes v1 redeclared

Signed-off-by: afzal442 <afzal442@gmail.com>

* fixes mergeSucceededResults func never used

Signed-off-by: afzal442 <afzal442@gmail.com>

* fixes func unused

Signed-off-by: afzal442 <afzal442@gmail.com>

* refactors unused func

Signed-off-by: afzal442 <afzal442@gmail.com>

* refactors unused func

Signed-off-by: afzal442 <afzal442@gmail.com>

* refactors getNamespacesForRule unused

Signed-off-by: afzal442 <afzal442@gmail.com>

* refactors policyNamespace unused

Signed-off-by: afzal442 <afzal442@gmail.com>

* refactors replacing loop with ...

Signed-off-by: afzal442 <afzal442@gmail.com>

* refactors func buildPolicyLabel unused

Signed-off-by: afzal442 <afzal442@gmail.com>

* removes unused func

Signed-off-by: afzal442 <afzal442@gmail.com>

* removes unused comment

Signed-off-by: afzal442 <afzal442@gmail.com>

Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
2022-05-07 16:44:57 +00:00
Moritz Johner
4d2ec26c90
CLI should respect scored annotation for warnings (#3821)
Co-authored-by: Sambhav Kothari <skothari44@bloomberg.net>
2022-05-07 13:33:50 +00:00
Sambhav Kothari
c3604c1170
Add an object_from_lists function (#3824)
2022-05-07 12:05:04 +00:00
Sambhav Kothari
876a216b5f
Improve logging and error handling in json context (#3825)
2022-05-07 11:32:48 +00:00
Sambhav Kothari
e55bf0bf6f
Relax JMESPath variable validation (#3826)
2022-05-07 16:40:53 +05:30
shuting
b4f2b63f53
Load mutate.targets via dclient (#3797)
* Load mutate.targets via dclient

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Do not fail on namespace cleanup for e2e generate

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Fix wildcard name listing for a certain namespace

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Rename onPolicyUpdate to mutateExistingOnPolicyUpdate

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Enable "mutateExistingOnPolicyUpdate" on policy events

Signed-off-by: ShutingZhao <shuting@nirmata.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
2022-05-06 05:46:36 +00:00
Jim Bugwadia
db3502656d
Cert attestor (#3809)
* add certificates attestor

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* handle duplicate images; use container name as key

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* use OldObject for modify requests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* use unique image names

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* merge main

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* create a single annotation patch across rules and images

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fmt and change annotation key name

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix linter issues

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* split certs from keys

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* make fmt

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add Rekor and fix tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
2022-05-05 21:57:20 -07:00
Jim Bugwadia
76608e315e
handle duplicate images; use container name as key (#3779)
* handle duplicate images; use container name as key

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* use OldObject for modify requests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* use unique image names

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* merge main

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* create a single annotation patch across rules and images

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fmt and change annotation key name

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix linter issues

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
2022-05-05 14:06:18 -07:00
Charles-Edouard Brétéché
5d2e2faf72
fix: autogen rules in status (#3728)
* refactor: autogen package logger

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

* fix: add rules to status only when necessary

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2022-05-05 15:11:26 +00:00