1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-01-20 18:52:16 +00:00
Commit graph

6082 commits

Author SHA1 Message Date
Charles-Edouard Brétéché
f6933f11f3
test: add kuttl tests for background only policies (#7709)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-29 20:53:23 +08:00
Charles-Edouard Brétéché
c5ebb73231
fix: lock schema manager when updating it (#7704)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-29 12:39:09 +08:00
Daniel Laszlo
62f4aa4271
fix: customizable tracer configuration (#7644)
* fix: customizable tracer configuration

Signed-off-by: Daniel Laszlo <laszlodaniel@icloud.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* fix: harden rbac permissions (#7638)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* chore(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#7664)

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.5 to 3.1.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](dd6b2e2b61...d13028333d)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* chore(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 (#7663)

Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](80e868c13c...08b4669551)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* use resource.New instead of Merge

Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* fix tabs

Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* [Chore] bump notation-go from 1.0.0-rc.3 -> 1.0.0-rc.6 (#7650)

* Bump notation-go from 1.0.0-rc.3 -> 1.0.0-rc.6

Signed-off-by: webstradev <e.s.westra.95@gmail.com>

* fixed tests

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added tests for repository

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

---------

Signed-off-by: webstradev <e.s.westra.95@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: webstradev <e.s.westra.95@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* fix: vscode debug config (#7653)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* fix: pr updater workflow (#7665)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* refactor: add specific loaders from #7597 (#7671)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* feat: add cluster select and relabling config for ServiceMonitors (#7659)

* feat: add cluster select and relabling config for ServiceMonitors

Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>

* feat: add cluster select and relabling config for ServiceMonitors

Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>

---------

Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* fix: cleanup controller context from #7597 (#7672)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* fix: cleanup controller rbac (#7669)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* refactor: migrate context loaders (part 1) from #7597 (#7676)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* refactor: migrate context loaders (part 2) from #7597 (#7677)

* refactor: migrate context loaders (part 1) from #7597

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: migrate context loaders (part 2) from #7597

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* feat: add lazy loading feature flag (#7680)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* fix: image verification (#7652)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* Fix deferred loading (#7597)

* handle nested contexts

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add feature flag

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add kuttl tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix linter issues

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix CLI regclient

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix: token permissions on report vulns workflow (#7611)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: token permissions (#7619)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: update the flag descriptions of the reports-controller (#7617)

Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>

* fix: panic if env var not defined (#7613)

* fix: panic if env var not defined

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* use toggles instead of a flag

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update toggle name

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update toggle name

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix roles

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix role

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update manifests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove extra unlock

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix loader reset

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* propagate context

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* cm resolver

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* level management

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* address review comments

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add enableDeferredLoading to other controllers

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* re-enable ACR credhelper

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* improve tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove image registry client init

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* check for invalid reset/restore

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* recursive kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* add pre/post queries

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add check for a recursive match

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* new test suite

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* eval loaders at creation level

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* add an index for resolving deps in order

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* improve comment

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* extract remove method

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* merge main

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* flags

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feature flag

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix flag

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* update unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* two rules kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* update unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* revert

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* per rule checkpoint

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix mutate chained rules

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* per rule checpoint/restore

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* log error

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Emmanuel Ferdman <emmanuelferdman@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* fix: factorise confimap informer code (#7667)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* chore(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#7689)

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](d13028333d...6e04d228eb)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>

* Update pkg/tracing/config.go

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Daniel Laszlo <laszlodaniel@icloud.com>
Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: webstradev <e.s.westra.95@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: webstradev <e.s.westra.95@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Emmanuel Ferdman <emmanuelferdman@gmail.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2023-06-28 14:25:57 +00:00
Charles-Edouard Brétéché
9d859bc378
fix: pr updater workflow (#7697)
* fix: pr updater workflow

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* Update .github/workflows/pr-update.yaml

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2023-06-28 13:26:22 +00:00
Charles-Edouard Brétéché
1d5fe217da
feat: add background only policy support (#6666)
* feat: add background only policy support

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* webhook

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* validation

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* kuttl

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* all disabled

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-28 12:54:27 +00:00
JaeHeung Han
1cf9f43b8b
fix: Swap any/all in the error message. (#7688)
Signed-off-by: JaeHeung Han <hylowaker@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-28 10:13:10 +00:00
dependabot[bot]
5b9c13ad00
chore(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#7689)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](d13028333d...6e04d228eb)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-28 07:34:06 +00:00
Charles-Edouard Brétéché
88cfa4396a
fix: factorise confimap informer code (#7667)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2023-06-28 04:43:16 +00:00
Jim Bugwadia
b98c0775f2
Fix deferred loading (#7597)
* handle nested contexts

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add feature flag

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add kuttl tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix linter issues

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix CLI regclient

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix: token permissions on report vulns workflow (#7611)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: token permissions (#7619)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: update the flag descriptions of the reports-controller (#7617)

Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>

* fix: panic if env var not defined (#7613)

* fix: panic if env var not defined

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* use toggles instead of a flag

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update toggle name

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update toggle name

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix roles

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix role

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* update manifests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove extra unlock

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix loader reset

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* propagate context

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* cm resolver

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* level management

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* address review comments

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add enableDeferredLoading to other controllers

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* re-enable ACR credhelper

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* improve tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* remove image registry client init

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* check for invalid reset/restore

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* recursive kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* add pre/post queries

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add check for a recursive match

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* new test suite

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* eval loaders at creation level

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* add an index for resolving deps in order

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* improve comment

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* extract remove method

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* merge main

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* flags

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feature flag

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix flag

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* update unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* two rules kuttl test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* update unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* revert

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* per rule checkpoint

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix mutate chained rules

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* per rule checpoint/restore

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* log error

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Emmanuel Ferdman <emmanuelferdman@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-06-27 09:58:50 -07:00
Charles-Edouard Brétéché
df5f54198d
fix: image verification (#7652)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-27 07:31:02 +00:00
Charles-Edouard Brétéché
441641515a
feat: add lazy loading feature flag (#7680)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-27 13:44:15 +08:00
Charles-Edouard Brétéché
b4d2aae776
refactor: migrate context loaders (part 2) from #7597 (#7677)
* refactor: migrate context loaders (part 1) from #7597

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: migrate context loaders (part 2) from #7597

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-26 13:46:30 -07:00
Charles-Edouard Brétéché
a7cfeaa3ce
refactor: migrate context loaders (part 1) from #7597 (#7676)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-26 17:18:32 +00:00
Charles-Edouard Brétéché
f9209de3ff
fix: cleanup controller rbac (#7669)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-26 15:38:00 +00:00
Charles-Edouard Brétéché
f3a5a885e0
fix: cleanup controller context from #7597 (#7672)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-26 14:57:23 +00:00
Frank Jogeleit
8aef874d75
feat: add cluster select and relabling config for ServiceMonitors (#7659)
* feat: add cluster select and relabling config for ServiceMonitors

Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>

* feat: add cluster select and relabling config for ServiceMonitors

Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>

---------

Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>
2023-06-26 14:24:15 +00:00
Charles-Edouard Brétéché
e5ceebe4a9
refactor: add specific loaders from #7597 (#7671)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-26 13:31:40 +00:00
Charles-Edouard Brétéché
2cdeaacb87
fix: pr updater workflow (#7665)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-26 11:14:50 +00:00
Charles-Edouard Brétéché
381721a841
fix: vscode debug config (#7653)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-26 10:08:51 +00:00
Vishal Choudhary
2e3632967e
[Chore] bump notation-go from 1.0.0-rc.3 -> 1.0.0-rc.6 (#7650)
* Bump notation-go from 1.0.0-rc.3 -> 1.0.0-rc.6

Signed-off-by: webstradev <e.s.westra.95@gmail.com>

* fixed tests

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added tests for repository

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

---------

Signed-off-by: webstradev <e.s.westra.95@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: webstradev <e.s.westra.95@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
2023-06-26 09:21:48 +00:00
dependabot[bot]
5f15ad2ddc
chore(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 (#7663)
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](80e868c13c...08b4669551)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-26 08:11:22 +00:00
dependabot[bot]
579bee8286
chore(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#7664)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.5 to 3.1.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](dd6b2e2b61...d13028333d)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-26 07:39:40 +00:00
Charles-Edouard Brétéché
9636eb7e3a
fix: harden rbac permissions (#7638)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-26 11:57:24 +08:00
shuting
955570b0c5
fix: auth checks with the APIVersion and the subresource (#7628)
* fix auth checks with apiVersion and subresource

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add kuttl tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* remove duplicate code

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update permissions

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-06-22 14:14:06 +00:00
Chip Zoller
c6e97c0ecc
add missing VULN_TEMPLATE.md (#7640)
* add missing VULN_TEMPLATE.md

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* remove file; fix reference

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

---------

Signed-off-by: Chip Zoller <chipzoller@gmail.com>
2023-06-22 13:33:48 +00:00
Charles-Edouard Brétéché
e267a1dacf
fix: harden certs secrets management (#7634)
* fix: harden certs secrets management

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* rbac

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* informers

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-22 20:14:53 +08:00
Charles-Edouard Brétéché
ffc6ca7408
fix: cleanup controllerutils client interfaces (#7630)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-22 11:12:36 +00:00
shuting
2264d21cd2
enable webhook clean up (#7633)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-06-22 09:14:41 +00:00
dependabot[bot]
2ff2f055f1
chore(deps): bump google.golang.org/grpc from 1.56.0 to 1.56.1 (#7636)
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.56.0 to 1.56.1.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.56.0...v1.56.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-22 08:16:03 +00:00
Chip Zoller
4b8361bcc6
fix workflow (#7615)
* fix workflow

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* save

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* jq to compact output

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* fix

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* fix

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

---------

Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 15:15:55 +00:00
Charles-Edouard Brétéché
f2bfc13edb
fix: stop using lister in tls renewer (#7629)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 13:35:43 +00:00
Charles-Edouard Brétéché
511e9fefaf
fix: harden cleanup controller rbac (#7626)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 12:53:48 +00:00
Charles-Edouard Brétéché
48d64bd031
fix: token permissions (#7624)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 09:47:15 +00:00
Charles-Edouard Brétéché
f307760a08
chore: improve pr updater job (#7592)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 08:31:11 +00:00
Charles-Edouard Brétéché
6caea187f1
fix: reduce number of queries to detect delete operations (#7620)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 07:59:54 +00:00
Charles-Edouard Brétéché
76139ea0ce
fix: service account name env var defined twice (#7623)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 07:29:09 +00:00
Charles-Edouard Brétéché
362c5db2ed
fix: panic if env var not defined (#7613)
* fix: panic if env var not defined

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-21 04:12:01 +00:00
Emmanuel Ferdman
3348ddd6ea
fix: update the flag descriptions of the reports-controller (#7617)
Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com>
2023-06-20 21:53:58 +00:00
Charles-Edouard Brétéché
ca8888c2da
fix: token permissions (#7619)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-20 21:15:47 +00:00
Charles-Edouard Brétéché
d8951d4a95
fix: token permissions on report vulns workflow (#7611)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-20 16:01:16 -04:00
Charles-Edouard Brétéché
4ff276c2d6
chore: improve dependabot config (#7610)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-20 16:25:28 +00:00
Charles-Edouard Brétéché
58023c6360
fix: scorecard workflow (#7605)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-20 13:30:15 +00:00
shuting
f6b097db17
fix: deletion mismatch for the generate policy (#7579)
* fix deletion mismatch

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix clone source kind

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add kuttl test

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fetch kinds

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add kuttl test

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add kuttl test

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-06-20 12:58:23 +00:00
Charles-Edouard Brétéché
74f2cb3076
fix: CLI tests (#7596)
* fix: CLI tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-20 12:04:06 +00:00
Vishal Choudhary
a068879be1
adding @Vishal-Chdhry to codeowners (#7586)
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
2023-06-19 18:06:17 +00:00
Marcel
2a2be0ae5a
Add nancy-ignore to make it pass with current dependencies (#7590)
Signed-off-by: Marcel Müller <marcel@giantswarm.io>
2023-06-19 17:30:23 +00:00
shuting
3786e49cad
reduce sleep duration for generate kuttl tests (#7589)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
2023-06-19 16:58:39 +00:00
Charles-Edouard Brétéché
6de0b8461f
fix: make configuring max procs not exit in case of error (#7588)
* fix: make configuring max procs not exit

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-19 16:27:00 +00:00
Charles-Edouard Brétéché
2d060fae36
fix: scorecard workflow (#7587)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-19 15:47:58 +00:00
Chip Zoller
f6045d7035
Test policy library (#7568)
* first attempt at adding policy library to kuttl tests

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* fix checkout

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* use standard config

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* use config file in kyverno/policies

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* cd

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* fix run command

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* fix debug failure uses

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

---------

Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-06-19 15:17:24 +00:00