Mariam Fahmy
|
9e8b655f6f
|
chore: add celpolicyexceptions in helm chart (#12084)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-02-05 00:15:45 +08:00 |
|
Charles-Edouard Brétéché
|
4f63ef5bc1
|
feat: consider Warn validation action (#12081)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-04 14:35:52 +00:00 |
|
Khaled Emara
|
88d3dc67d8
|
fix(flag): lookup kubeconfig only after parsing (#12082)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
|
2025-02-04 14:15:58 +00:00 |
|
Charles-Edouard Brétéché
|
3b0c9d662c
|
refactor: webhook server/handlers (#12079)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-04 14:52:48 +02:00 |
|
Mariam Fahmy
|
192e655c45
|
chore: remove polex compiler (#12078)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-02-04 11:52:19 +00:00 |
|
Charles-Edouard Brétéché
|
c78ab6654c
|
tests: add chainsaw test for image data loading (#12077)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-04 09:22:43 +00:00 |
|
dependabot[bot]
|
ac45755fc5
|
chore(deps): bump ubuntu from 80dd3c3 to 7229784 in /.devcontainer (#12074)
Bumps ubuntu from `80dd3c3` to `7229784`.
---
updated-dependencies:
- dependency-name: ubuntu
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-04 09:19:47 +01:00 |
|
dependabot[bot]
|
4b022f8d6a
|
chore(deps): bump sigs.k8s.io/release-utils from 0.10.0 to 0.11.0 (#12076)
Bumps [sigs.k8s.io/release-utils](https://github.com/kubernetes-sigs/release-utils) from 0.10.0 to 0.11.0.
- [Release notes](https://github.com/kubernetes-sigs/release-utils/releases)
- [Commits](https://github.com/kubernetes-sigs/release-utils/compare/v0.10.0...v0.11.0)
---
updated-dependencies:
- dependency-name: sigs.k8s.io/release-utils
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-02-04 08:48:34 +01:00 |
|
dependabot[bot]
|
1422376d26
|
chore(deps): bump github.com/fluxcd/pkg/oci from 0.43.1 to 0.45.0 (#12059)
Bumps [github.com/fluxcd/pkg/oci](https://github.com/fluxcd/pkg) from 0.43.1 to 0.45.0.
- [Commits](https://github.com/fluxcd/pkg/compare/oci/v0.43.1...oci/v0.45.0)
---
updated-dependencies:
- dependency-name: github.com/fluxcd/pkg/oci
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-02-04 05:10:04 +00:00 |
|
Charles-Edouard Brétéché
|
b908b1037a
|
feat: consider validation actions (#12072)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-04 06:29:40 +02:00 |
|
Charles-Edouard Brétéché
|
e55a90cc4b
|
feat: implement match conditions failure policy (#12071)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-04 00:04:26 +02:00 |
|
dependabot[bot]
|
26074d12d3
|
chore(deps): bump sigs.k8s.io/release-utils from 0.9.0 to 0.10.0 (#12060)
Bumps [sigs.k8s.io/release-utils](https://github.com/kubernetes-sigs/release-utils) from 0.9.0 to 0.10.0.
- [Release notes](https://github.com/kubernetes-sigs/release-utils/releases)
- [Commits](https://github.com/kubernetes-sigs/release-utils/compare/v0.9.0...v0.10.0)
---
updated-dependencies:
- dependency-name: sigs.k8s.io/release-utils
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-02-03 19:04:50 +00:00 |
|
Charles-Edouard Brétéché
|
884a77a044
|
feat: add context provider in admission handling (#12070)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-03 19:11:31 +02:00 |
|
Mariam Fahmy
|
202ab74ff5
|
feat: compile CEL exceptions (#12066)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-02-03 17:17:41 +02:00 |
|
Charles-Edouard Brétéché
|
1cb0d1c356
|
feat: add message expression support to validating policies (#12063)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-03 14:04:19 +00:00 |
|
Vishal Choudhary
|
7d8ed212a4
|
feat: create image data loader (#12036)
* feat: add image data loader to context
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: build
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: linter
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: update types
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: replace crane with remote
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: linter
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: linter
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-03 13:42:40 +00:00 |
|
Charles-Edouard Brétéché
|
0c5b74b122
|
chore: add validating policies chainsaw tests (#12062)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-03 20:53:57 +08:00 |
|
Charles-Edouard Brétéché
|
2bf7262814
|
feat: add admission request cel variable (#12054)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-03 11:40:05 +00:00 |
|
Charles-Edouard Brétéché
|
0077fdae2b
|
feat: add validation message in cel engine response (#12052)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-02-03 11:13:06 +00:00 |
|
Mariam Fahmy
|
c08a05ca9a
|
fix: remove 1.27 and 1.28 from tests (#12061)
* fix: remove 1.27 and 1.28 from tests
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: remove the generate of VAPs from the webhook configuration tests
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-02-03 11:54:41 +01:00 |
|
Mariam Fahmy
|
4c950dcb32
|
feat: use v1 of ValidatingAdmissionPolicies (#12050)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-01-31 14:21:43 +00:00 |
|
Mariam Fahmy
|
226cacd65c
|
fix: match the old object against the object selector for VAPs in the CLI (#12051)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-01-31 14:47:32 +01:00 |
|
Mariam Fahmy
|
d1536580da
|
feat: add CEL PolicyException CRD (#12038)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-01-31 11:39:17 +00:00 |
|
Charles-Edouard Brétéché
|
f59b78aef0
|
feat: process cel engine response in webhook handler (#12047)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-31 11:07:22 +00:00 |
|
Charles-Edouard Brétéché
|
b8f7a83942
|
feat: support adminssion review in cel engine (#12046)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-31 08:03:59 +00:00 |
|
Charles-Edouard Brétéché
|
7a4e1bede9
|
feat: use more admission attributes (#12044)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-30 23:58:12 +00:00 |
|
Charles-Edouard Brétéché
|
2ab3b2dd51
|
fix: cel lib get config map return type (#12042)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-31 01:15:05 +02:00 |
|
Charles-Edouard Brétéché
|
f448db3f36
|
feat: use admission attributes (#12041)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-30 20:36:41 +00:00 |
|
abhashsolanki18
|
5c9adf9fb5
|
fix: error handling and reduce log clutter (#11979)
* fix: error handling and reduce log clutter
Signed-off-by: abhashsolanki18 <abhashsolanki18@gmail.com>
* fixed lint test
Signed-off-by: abhashsolanki18 <abhashsolanki18@gmail.com>
---------
Signed-off-by: abhashsolanki18 <abhashsolanki18@gmail.com>
|
2025-01-30 09:47:09 +00:00 |
|
Amit Tiwari
|
3b798c8958
|
replace ghcr.io to reg.kyverno.io (#12031)
Signed-off-by: Amit Tiwari <amit.tiwari@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2025-01-30 09:10:59 +00:00 |
|
Charles-Edouard Brétéché
|
dfa9f2f727
|
feat(validating policies): add support for ns and object selectors (#12034)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-30 01:07:01 +02:00 |
|
dependabot[bot]
|
1cdd6a89bc
|
chore(deps): bump github.com/cyphar/filepath-securejoin (#12027)
Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) from 0.4.0 to 0.4.1.
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases)
- [Changelog](https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md)
- [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.4.0...v0.4.1)
---
updated-dependencies:
- dependency-name: github.com/cyphar/filepath-securejoin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-29 19:45:13 +00:00 |
|
Charles-Edouard Brétéché
|
30360e871a
|
feat: execute handler (#12033)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-29 11:24:13 -08:00 |
|
Charles-Edouard Brétéché
|
a36f8c857c
|
fix: don't sort cel policies (#12028)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-29 15:00:46 +00:00 |
|
Charles-Edouard Brétéché
|
bff9590ebc
|
fix: bad usage of wait group (#12029)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-29 12:28:41 +00:00 |
|
dependabot[bot]
|
e4873e88e9
|
chore(deps): bump github.com/evanphx/json-patch/v5 from 5.9.10 to 5.9.11 (#12025)
Bumps [github.com/evanphx/json-patch/v5](https://github.com/evanphx/json-patch) from 5.9.10 to 5.9.11.
- [Release notes](https://github.com/evanphx/json-patch/releases)
- [Commits](https://github.com/evanphx/json-patch/compare/v5.9.10...v5.9.11)
---
updated-dependencies:
- dependency-name: github.com/evanphx/json-patch/v5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-01-29 07:43:10 +00:00 |
|
Charles-Edouard Brétéché
|
1d3a9294cc
|
feat: watch validating policies (#12008)
* feat: watch validating policies
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rest config
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-28 16:24:40 +00:00 |
|
Charles-Edouard Brétéché
|
60315cb3a0
|
feat: add rest config support in setup code (#12019)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-01-28 14:53:14 +00:00 |
|
Mariam Fahmy
|
da717c4b17
|
feat: add validation action to VPs (#12017)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-01-28 14:34:26 +01:00 |
|
Charles-Edouard Brétéché
|
5b2d44afc7
|
fix: test typo (#12016)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-28 09:50:15 +00:00 |
|
Charles-Edouard Brétéché
|
26e75fbf59
|
feat: add validating policy webhook handler (#12015)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-28 09:06:30 +00:00 |
|
dependabot[bot]
|
99ea2f0b69
|
chore(deps): bump github.com/evanphx/json-patch/v5 from 5.9.0 to 5.9.10 (#12014)
Bumps [github.com/evanphx/json-patch/v5](https://github.com/evanphx/json-patch) from 5.9.0 to 5.9.10.
- [Release notes](https://github.com/evanphx/json-patch/releases)
- [Commits](https://github.com/evanphx/json-patch/compare/v5.9.0...v5.9.10)
---
updated-dependencies:
- dependency-name: github.com/evanphx/json-patch/v5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-01-28 08:17:15 +00:00 |
|
dependabot[bot]
|
5abc8b498f
|
chore(deps): bump github.com/sigstore/rekor from 1.3.7 to 1.3.9 (#12013)
Bumps [github.com/sigstore/rekor](https://github.com/sigstore/rekor) from 1.3.7 to 1.3.9.
- [Release notes](https://github.com/sigstore/rekor/releases)
- [Changelog](https://github.com/sigstore/rekor/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sigstore/rekor/compare/v1.3.7...v1.3.9)
---
updated-dependencies:
- dependency-name: github.com/sigstore/rekor
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-01-28 07:50:34 +00:00 |
|
Charles-Edouard Brétéché
|
92436bf4ed
|
refactor: use k8s wait group (#12010)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-27 23:25:33 +00:00 |
|
Charles-Edouard Brétéché
|
f6494287cc
|
fix: make flags compatible with controller-runtime (#12009)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-27 22:42:39 +00:00 |
|
dependabot[bot]
|
a51aa2c17a
|
chore(deps): bump google.golang.org/grpc from 1.69.4 to 1.70.0 (#11991)
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.69.4 to 1.70.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.69.4...v1.70.0)
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-27 21:14:44 +00:00 |
|
Charles-Edouard Brétéché
|
db4f7fb5e6
|
feat: register cel context lib (#12007)
* feat: register cel context lib
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* unit test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-27 16:16:27 +00:00 |
|
Mariam Fahmy
|
b8c6931aa5
|
feat: add autogen package for ValidatingPolicies (#11996)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2025-01-27 12:36:11 +00:00 |
|
Charles-Edouard Brétéché
|
620ddd80d1
|
test: add more cli vp tests (#12006)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-27 17:17:08 +08:00 |
|
Charles-Edouard Brétéché
|
a5fe768a53
|
feat: implement cel engine context provider (#11995)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2025-01-24 15:42:58 +00:00 |
|