kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00

Author	SHA1	Message	Date
Ved Ratan	cf28c6480f	Fix: [Bug] The default field in a context variable does not replace nil results (#7251 ) * fixed the bug Signed-off-by: Ved Ratan <vedratan8@gmail.com> * added tests Signed-off-by: Ved Ratan <vedratan8@gmail.com> * added assertion Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fixed tests Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * removed redundant code Signed-off-by: Ved Ratan <vedratan8@gmail.com> * added assert Signed-off-by: Ved Ratan <vedratan8@gmail.com> --------- Signed-off-by: Ved Ratan <vedratan8@gmail.com>	2023-06-02 13:53:38 +00:00
shuting	4d5f832d01	fix mutate targets validation (#7387 ) * fix mutate targets validation Signed-off-by: ShutingZhao <shuting@nirmata.com> * linter fixes Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-06-02 15:06:01 +02:00
shuting	ecd3d75704	fix: match logic misbehave (#7218 ) * add rule name in ur for mutate existing Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix match logic Signed-off-by: ShutingZhao <shuting@nirmata.com> * linter fixes Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix the match logic to only apply to the new object, unless it's a delete request Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-05-18 21:57:57 +00:00
shuting	d99c000b17	fix: mutate existing auth check (#7219 ) * fix auth check when using variables in ns Signed-off-by: ShutingZhao <shuting@nirmata.com> * add kuttl tests Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-05-17 18:20:34 +02:00
Charles-Edouard Brétéché	5ec66918f6	feat: add subresource support to resource filters (#6780 ) * feat: add subresource support to resource filters Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * filter Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * values Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-04-05 13:51:07 +00:00
Charles-Edouard Brétéché	40ac8eb863	feat: add context/preconditions support to mutate existing (#6754 ) * refactor: engine handlers Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: add context/preconditions support to mutate existing Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * kuttl Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * readme Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix and context kuttl test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * validation Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * final fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2023-04-03 19:58:58 +00:00
Charles-Edouard Brétéché	8f84d222ef	chore: use Enforce instead of enforce in kuttl tests (#6763 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-04-03 13:36:30 +00:00
Vyom Yadav	c01b5cc381	fix: Don't check for subresource existence when it is the trigger. (#6544 ) Signed-off-by: Vyom-Yadav <jackhammervyom@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2023-03-29 15:54:42 +00:00
shuting	e3902d117e	add mutate.targets validations (#6693 ) Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-03-27 12:30:46 +00:00
shuting	6249ab70e8	fix: block generate policies when lack of permission to operate downstream resources (#6610 ) * debug Signed-off-by: ShutingZhao <shuting@nirmata.com> * return on errors only Signed-off-by: ShutingZhao <shuting@nirmata.com> * update clusterrolebinding Signed-off-by: ShutingZhao <shuting@nirmata.com> * update clusterrolebinding Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove debug Signed-off-by: ShutingZhao <shuting@nirmata.com> * add kuttl tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix ns Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-03-22 13:14:57 +00:00
shuting	6f7f06f0d4	chore: cleanup generate codebase (#6598 ) * add debug info Signed-off-by: ShutingZhao <shuting@nirmata.com> * cleanup code Signed-off-by: ShutingZhao <shuting@nirmata.com> * linter fix Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove unused labels Signed-off-by: ShutingZhao <shuting@nirmata.com> * rename ns Signed-off-by: ShutingZhao <shuting@nirmata.com> * reset resource version Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove ur updater Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * cleanup code Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove code to add labels to clone source #6583 Signed-off-by: ShutingZhao <shuting@nirmata.com> * rename ns Signed-off-by: ShutingZhao <shuting@nirmata.com> * remvove labels from test resource Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove generated by labels Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-03-17 08:36:06 +00:00
shuting	dbfeb75793	feat: ignore admission requests sent by the kyverno background controller (#6499 ) * ignore ARs sent by the kyverno background controller Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test Signed-off-by: ShutingZhao <shuting@nirmata.com> * add background controller sa to exclude usernames Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-03-15 12:27:28 +00:00
Chip Zoller	bc7b73401e	More kuttl standard generate tests (#6332 ) * add test cpol-data-sync-delete-downstream Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add test cpol-data-sync-modify-downstream Signed-off-by: Chip Zoller <chipzoller@gmail.com> * rename to be more descriptive Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add test pol-data-sync-delete-downstream Signed-off-by: Chip Zoller <chipzoller@gmail.com> * cleanup test Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add test cpol-data-nosync-delete-rule Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add test cpol-data-nosync-delete-policy Signed-off-by: Chip Zoller <chipzoller@gmail.com> * fix formatting Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add Kyverno kuttl specific snippets to BEST_PRACTICES Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add reminder note Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add test cpol-data-nosync-modify-rule Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add test cpol-data-nosync-modify-downstream Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add test pol-data-nosync-create-policy-invalid Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add test pol-data-sync-delete-policy Signed-off-by: Chip Zoller <chipzoller@gmail.com> * separate files Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add test pol-data-nosync-delete-downstream Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add test pol-data-nosync-delete-rule Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add test pol-data-nosync-delete-policy Signed-off-by: Chip Zoller <chipzoller@gmail.com> * fix description Signed-off-by: Chip Zoller <chipzoller@gmail.com> * fix description Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add test pol-data-nosync-modify-rule Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add test pol-data-nosync-modify-downstream Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add test existing-basic-create-data Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add test existing-basic-create-preconditions-data Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add basic clone multiple test Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add delays Signed-off-by: ShutingZhao <shuting@nirmata.com> * add generate permissions Signed-off-by: ShutingZhao <shuting@nirmata.com> * reorder source and ClusterPolicy, cleanup removal, README update Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add test for cascading-mutation Signed-off-by: Chip Zoller <chipzoller@gmail.com> * Change creation order, remove cleanup Signed-off-by: Chip Zoller <chipzoller@gmail.com> * increase sleep Signed-off-by: Chip Zoller <chipzoller@gmail.com> * remove unused test files Signed-off-by: Chip Zoller <chipzoller@gmail.com> * remove networkpolicies from perms Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add networkpolicies back Signed-off-by: Chip Zoller <chipzoller@gmail.com> * clarify readme Signed-off-by: Chip Zoller <chipzoller@gmail.com> --------- Signed-off-by: Chip Zoller <chipzoller@gmail.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2023-02-27 14:39:18 +00:00
shuting	c8edf1ab32	fix: admission review variables for DELETE operations (#6197 ) * build trigger from the stored admission request payload Signed-off-by: ShutingZhao <shuting@nirmata.com> * add a kuttl test Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-02-02 14:46:53 +00:00
shuting	e8146e786e	fix: namespaceSelector for background policies (#6188 )	2023-02-02 08:56:00 +00:00
Charles-Edouard Brétéché	6545f64ce1	refactor: helm labels management (#6073 ) * refactor: helm labels management Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * labels Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * labels Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * labels Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * readme Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>	2023-01-24 20:41:24 +00:00
Charles-Edouard Brétéché	c933da999f	refactor: helm tests (#6074 ) * refactor: helm tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * test other components Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * values Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * resources Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * image Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * annotations Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * annotations Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * delete Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2023-01-23 08:31:22 -05:00
shuting	e9f338df58	add kuttl assert file (#5870 ) Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-01-05 08:16:16 -05:00
shuting	f59f17c05c	fix mutate targets variable (#5862 ) Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com>	2023-01-04 12:35:46 +01:00
Charles-Edouard Brétéché	41fd4fb252	refactor: supress usage of kustomize in build (#5691 ) * refactor: supress usage of kustomize in build (part 1) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * e2e Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * e2e Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * e2e Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * clean Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * labels Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * simplify templating flags Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-12-19 16:26:07 +01:00
Vyom Yadav	99d988e98c	feat: add support for subresources to validating and mutating policies (#4916 ) * feat: add support for subresources to validating and mutating policies Signed-off-by: Vyom-Yadav <jackhammervyom@gmail.com> * Add CLI test cases with subresources for validating policies Signed-off-by: Vyom-Yadav <jackhammervyom@gmail.com> * Fix existing e2e tests for validating policies and remove tests migrated to kuttl Signed-off-by: Vyom-Yadav <jackhammervyom@gmail.com> * Add kuttl e2e tests for validating policies with subresources Signed-off-by: Vyom-Yadav <jackhammervyom@gmail.com> * Add kuttl e2e tests for mutating policies with subresources Signed-off-by: Vyom-Yadav <jackhammervyom@gmail.com> * Add kuttl e2e tests for validating policy by-pass by manipulating preconditions Signed-off-by: Vyom-Yadav <jackhammervyom@gmail.com> Signed-off-by: Vyom-Yadav <jackhammervyom@gmail.com>	2022-12-10 00:45:23 +08:00
Chip Zoller	21da0f335e	Migrate all mutate e2e tests to kuttl and expand (#5491 ) * add jmespath-logic test Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add simple-conditional test Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add variables-in-keys test Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add patchesjson6902-simple Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add foreach-patchStrategicMerge-preconditions test Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add patchStrategicMerge-global test Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add patchStrategicMerge-global-addifnotpresent test Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add patchesJson6902-replace test Signed-off-by: Chip Zoller <chipzoller@gmail.com> * adjust "basic" mutate existing test to prep for e2e migrations Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add basic-create test (mutate existing) Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add basic-delete test (mutate existing) Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add basic-create-policy test (mutate existing) Signed-off-by: Chip Zoller <chipzoller@gmail.com> * add basic-create-patchesJson6902 test (mutate existing) Signed-off-by: Chip Zoller <chipzoller@gmail.com> * change name to avoid deletion race Signed-off-by: Chip Zoller <chipzoller@gmail.com> Signed-off-by: Chip Zoller <chipzoller@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-11-29 08:40:57 +00:00
shuting	93eaead565	fix: mutate existing policy does not get applied when background=false (#5439 ) * fix mutate existing policies when background=false Signed-off-by: ShutingZhao <shuting@nirmata.com> * add the kuttl test Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com>	2022-11-23 08:16:06 +00:00
Tobias Dahlberg	97a2b9a9a3	test: add kuttl tests for jmespath special chars (#5310 ) * Adds tests for fixes in #4767 Signed-off-by: Tobias Dahlberg <tobias.dahlberg@sinch.com> Signed-off-by: Tobias Dahlberg <tobias.dahlberg@sinch.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-11-11 09:45:23 +00:00
Charles-Edouard Brétéché	78fb926862	fix: add missing test suite to kuttl (#5268 ) * fix: add missing test suite to kuttl Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix path Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * readme Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>	2022-11-08 15:27:49 +01:00
Charles-Edouard Brétéché	1899938f05	chore: use conditions in kuttl tests to check ready policies (#5252 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>	2022-11-07 18:34:29 +00:00
Chip Zoller	da18305015	add kuttl tests (#5204 ) - add kuttl tests - try rekor: {url: "https://rekor.sigstore.dev"} - add rekor{} object to last two policies Signed-off-by: Chip Zoller <chipzoller@gmail.com>	2022-11-04 14:00:31 +00:00

27 commits