Vishal Choudhary
|
ea19244876
|
fix: expect base64 string in raw tuf root (#11117)
* fix: expect base64 string in raw tuf root
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: add tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: rename kyverno yaml file
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2024-09-12 12:34:52 +00:00 |
|
Vishal Choudhary
|
71f29d011c
|
fix: make webhook cleanup setup optional and add cleanup ci test (#11077)
* fix: make webhook cleanup setup optional and add cleanup ci test
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: add logging
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: add validating webhook count check
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2024-09-11 08:38:45 +02:00 |
|
Mariam Fahmy
|
bde90340a6
|
chore: remove v1alpha1 of VAPs and use v1beta1 (#10955)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2024-08-29 15:31:25 +00:00 |
|
shuting
|
2cd462570a
|
feat: foreach support for clone (#10888)
* chore: add chainsaw tests for foreach clone
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: update webhooks for foreach generate
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: rename generatePattern
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: chainsaw tests for generateExisting
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: add missing files
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: add chainsaw tests for foreach clone, sync=true
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: linter issues
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: add chainsaw test foreach clonelist, sync=true, delete source
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: sync deletion for cloneList
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
|
2024-08-29 11:59:22 +00:00 |
|
shuting
|
481798c836
|
refactor: update updaterequest to be created for each policy (#10793)
* chore: remove v1beta1 updaterequest definitions
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: update UR to map a policy instead a rule; adapt UR mapping changes for admission review
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: update code-gen
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: linter
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: remove unused function
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: add missing files
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: add missing files
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: update ur in policy controller
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: update crds
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: adapt ur changes in the background controller
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: linter
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: more linter
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: modify mapping relationship for deletion events
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: remedy missing target for policy application
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: fetching logic for triggers
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: clean up targets upon policy deletion
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: update crds
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* merge main
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* merge main
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: adds delay before assertion
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: update docs
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: wrong yaml format
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: update error handling logic
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix(attempt): enable more debug info
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix(attempt): enable debug log
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix(attempt): enable debug log
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix(attempt): enable debug log
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: makefile to update ur crds
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: generate existing
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: skip empty ur generation
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: update install.yaml
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
|
2024-08-13 17:14:06 +00:00 |
|
Khaled Emara
|
b8a69a7eac
|
feat(audit): enable audit logs for kind (#10822)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
|
2024-08-12 15:57:16 +00:00 |
|
Mariam Fahmy
|
35494bd8bb
|
feat add chainsaw tests for pod security and exceptions (#10664)
* feat add chainsaw tests for pod security and exceptions
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: enable ProcMountType in the kind config
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2024-07-16 12:14:47 +00:00 |
|
Khaled Emara
|
fb40aa5f38
|
feat(audit): use a worker pool for Audit policies (#10048)
* enhancement: split validation logic for enforce and audit policies to return admission response earlier
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: add missing file
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: linter issues
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: unit tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: get latest policy object before updating status
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* chore: remove debug code
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: compare before updates
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: initial reconcile
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: updates
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat(audit): use a worker pool for Audit policies
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix: unit test
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix(attempt): spin up go routine
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* feat: add flags maxAuditWorkers, maxAuditCapacity
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: enable debug log on failure
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: wait group panic
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* load-tests: add stess tests configurations
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* load-tests: disable admissionreports
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: build policy contexts syncronously
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: only run generate and mutate existing go routines when policies are present
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: mutate and verify tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: return early if no audit policy
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix: run handlegenerate and mutate existing in all cases
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: only test bgapplies in generate test
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: defer wait in tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* enhancement: process validate enforce in a go routine
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
|
2024-04-17 15:46:18 +08:00 |
|
Khaled Emara
|
38feb7d694
|
ci: add load testing workflow (#9515)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
|
2024-01-29 12:30:51 +00:00 |
|
Khaled Emara
|
3ef598c155
|
chore(helm): omit normal events by default (#9493)
* chore(helm): omit normal events by default
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(tests): fix tests related to events
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
---------
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
|
2024-01-24 13:16:18 +01:00 |
|
Charles-Edouard Brétéché
|
4cabc3ce44
|
fix: make tuf feature in chart consistent with others (#8542)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-09-27 13:03:17 +00:00 |
|
Vishal Choudhary
|
d4d5d751b1
|
fix: disables TUF by default (#8509)
|
2023-09-22 14:32:57 +05:30 |
|
Vishal Choudhary
|
e2469415b7
|
feat: add support for custom sigstore using TUF (#8385)
* feat; add support for custom sigstore using TUF
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add kuttl test
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add commit hash
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add kyverno.yaml
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: update kyverno deployment
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: update ordering
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: update deployment
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: update create image step
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: remove wait step
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: install crane
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: set sha on install crane
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add cosign installer
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: update custom deployment
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: helm chart linting
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: update Chart.yaml
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: helm values liniting error
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: remove step
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: kind-deploy-kyverno
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: create configmap in kyverno namespace
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: update policy
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: create kyverno ns
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: use envfrom
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: indentation
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: update tuf root
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add sigstore volume
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: nit
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: remove tuf root
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: use default tuf instead :(
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: update Create kind cluster
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: remove root
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: update impl
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: nit
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: use custom test
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: remove force
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: cosign initialize
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: add yes flag
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* update manifest
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: move tuf to features
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: update comments
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* chore: helmchart generate
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: trailing white space
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: remove old fields
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: decouple env config map from tuf
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* change the way we pass flags
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: re add envConfigMap
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix env vars
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* remove envConfigMap
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-09-18 13:16:08 +00:00 |
|
Mariam Fahmy
|
bbd137db24
|
feat: add kuttl tests for validating admission policy backgroundscan reports (#8292)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-09-07 02:22:12 +00:00 |
|
Mariam Fahmy
|
c583b64120
|
feat: generate validating admission policies and their bindings from Kyverno policies (#7840)
* feat: generate validating admission policies and their bindings from Kyverno policies
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: add generate VAPs feature flag
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: use container flags instead of feature flags
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: limit VAP generation to cluster policies
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: add policy checks for generating VAPs
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* chore: rename package
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: translate match/exclude resources in Kyverno policies to their alternatives in validating admission policies
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: add vap info in kyverno policy status
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: delete the translation of
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: add kuttl tests
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: add generateValidatingAdmissionPolicy feature flag in the helm chart
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* chore: update codegen
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: add validating admission policy kuttl tests in the workflow
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: check K8s server version
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix lint issue
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: remove the kind config of VAPs
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-08-31 10:25:21 +00:00 |
|
Mariam Fahmy
|
d0d6871a11
|
chore: enable admissionregistration v1alpha1 in kind config (#8154)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-08-29 11:10:56 +00:00 |
|
Mariam Fahmy
|
5c9f78e627
|
chore: add kind config file for v1beta1 of validating admission policies (#8139)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-08-28 19:19:04 +00:00 |
|
Charles-Edouard Brétéché
|
23b7bd4644
|
chore: add otel collector to dev lab (#8106)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-08-24 13:04:01 +00:00 |
|
Charles-Edouard Brétéché
|
967536db7d
|
chore: add kind config with kubelet and apiserver tracing (#8105)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-08-24 09:10:02 +00:00 |
|
Charles-Edouard Brétéché
|
67151888d8
|
chore: add support for different kind config (#8079)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-08-21 13:56:57 +00:00 |
|
Ved Ratan
|
9f2cc6c99c
|
feat: add ttl controller (#7821)
* added the ttl controller
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fixed label and vars
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added logger
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* applied fixes
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* removed comments
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* more lint fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* applied changes
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* minor fixes
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix logger, separate parse logic
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added tests
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added kuttl tests, validation utilities
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* commented code
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* renamed tests
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix test
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* created log.go
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix log.go
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added README.md refactor code
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added validation webhook
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* label-validation fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* added flag, updated verbs
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* updated verbs
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* updated helm chart
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* test fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* linter
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* imporoved webhook validation
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* linter fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* lint fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* fix codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* webhook names and path constants
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* constant label
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix label selector
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl test fix
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
* helm docs
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix controller logger
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: manager logger
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix failure policy
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* move kuttl tests in separate job
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* remove rbac steps
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* remove configmaps from core cluster role
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix logger
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rename flag
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* kuttl
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix error
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix linter
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-08-02 16:47:40 +02:00 |
|
Raúl Garcia Sanchez
|
9b0343d836
|
Allow setting verbs for clusterrole extraresources on backgroundController (#7380)
* fix webhookCleanup enable switch syntax
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
* chore: cleanup codecov workflow (#5829)
* chore: cleanup codecov workflow
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore: cleanup codecov workflow
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
* updated template file to match with syntax fix
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
* align definition of clusterRole extraResources for
backgroundController with adminissionController
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
* update test routine clusterRole definition
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
* Update scripts/config/standard/kyverno.yaml
fine for me
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Raúl Garcia Sanchez <info@raulgarcia.de>
* Update charts/kyverno/values.yaml
fine for me 👍
Co-authored-by: shuting <shutting06@gmail.com>
Signed-off-by: Raúl Garcia Sanchez <info@raulgarcia.de>
---------
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Raúl Garcia Sanchez <info@raulgarcia.de>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shutting06@gmail.com>
|
2023-06-02 09:47:38 +00:00 |
|
Charles-Edouard Brétéché
|
32df01f2d4
|
chore: add makefile target for kwok (#7097)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-05-05 13:41:37 +08:00 |
|
Charles-Edouard Brétéché
|
e39587b2bd
|
feat: add features section in helm values (#6935)
* feat: add features section in helm values
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* configs
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* overrides
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-04-25 11:23:01 +00:00 |
|
Charles-Edouard Brétéché
|
fc114896d4
|
chore: add config with exceptions disabled (#6918)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-04-13 18:46:37 +00:00 |
|
Charles-Edouard Brétéché
|
ff93502421
|
chore: add kuttl tests with default config (#6847)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
|
2023-04-11 12:50:53 +00:00 |
|
Charles-Edouard Brétéché
|
e79761eb95
|
chore: support multiple helm values (#6810)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-04-06 15:05:34 +00:00 |
|
Charles-Edouard Brétéché
|
a3147758e4
|
feat: add policy reporter to the dev lab (#6799)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-04-06 09:38:28 -04:00 |
|
Charles-Edouard Brétéché
|
3adadae7da
|
refactoring: helm logging, tracing and metering config (#6613)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2023-03-20 05:42:34 +00:00 |
|
Charles-Edouard Brétéché
|
32fa111965
|
refactor: make extraArgs objects in helm chart (#6588)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-03-17 12:43:05 +00:00 |
|
Charles-Edouard Brétéché
|
c275740279
|
fix: add missing service monitor for background controller (#6600)
* fix: add missing service monitor for background controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-03-16 12:03:52 +00:00 |
|
Charles-Edouard Brétéché
|
6abc7f2e03
|
fix: improve reports controller default values and workers (#6522)
* fix: improve reports controller default values and worker
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* nits
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-03-10 09:39:20 +00:00 |
|
Charles-Edouard Brétéché
|
b33f7e8d73
|
refactor: helm admission controller config (#6501)
* refactor: helm admission controller config
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-03-06 22:39:07 +08:00 |
|
Charles-Edouard Brétéché
|
add898c1c7
|
refactor: helm admission controller config (#6460)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-03-03 12:24:32 +08:00 |
|
Chip Zoller
|
bc7b73401e
|
More kuttl standard generate tests (#6332)
* add test cpol-data-sync-delete-downstream
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add test cpol-data-sync-modify-downstream
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* rename to be more descriptive
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add test pol-data-sync-delete-downstream
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* cleanup test
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add test cpol-data-nosync-delete-rule
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add test cpol-data-nosync-delete-policy
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* fix formatting
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add Kyverno kuttl specific snippets to BEST_PRACTICES
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add reminder note
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add test cpol-data-nosync-modify-rule
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add test cpol-data-nosync-modify-downstream
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add test pol-data-nosync-create-policy-invalid
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add test pol-data-sync-delete-policy
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* separate files
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add test pol-data-nosync-delete-downstream
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add test pol-data-nosync-delete-rule
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add test pol-data-nosync-delete-policy
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* fix description
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* fix description
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add test pol-data-nosync-modify-rule
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add test pol-data-nosync-modify-downstream
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add test existing-basic-create-data
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add test existing-basic-create-preconditions-data
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add basic clone multiple test
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add delays
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add generate permissions
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* reorder source and ClusterPolicy, cleanup removal, README update
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add test for cascading-mutation
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* Change creation order, remove cleanup
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* increase sleep
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* remove unused test files
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* remove networkpolicies from perms
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add networkpolicies back
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* clarify readme
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
---------
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2023-02-27 14:39:18 +00:00 |
|
shuting
|
d3c2cd23fa
|
add kuttl tests (#6336)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
|
2023-02-24 14:59:55 +00:00 |
|
Charles-Edouard Brétéché
|
6934c66a71
|
refactor: add more functionnalities to engine interface (#6212)
* refactor: add more functionnalities to engine interface
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* exclude mechanism
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* polex
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix kuttl tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-02-06 13:49:47 +08:00 |
|
shuting
|
e8146e786e
|
fix: namespaceSelector for background policies (#6188)
|
2023-02-02 08:56:00 +00:00 |
|
shuting
|
b4c1590ff3
|
feat: template background controller (#6157)
* add make targets for background controller
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* template background controller
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix code-gen manifests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* remove unused code
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* trim spaces
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* Update Makefile
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
* Update Makefile
Signed-off-by: shuting <shutting06@gmail.com>
* fix
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* refactor: move resolvers into engine api package (#6162)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* add rbac
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add more rbac
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add debug info
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add notes to helm install
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix permissions
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: shuting <shutting06@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
|
2023-01-31 17:12:34 +01:00 |
|
Charles-Edouard Brétéché
|
df6026732a
|
fix: dev lab (#6058)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2023-01-20 15:12:37 +00:00 |
|
Charles-Edouard Brétéché
|
af3882f869
|
feat: add missing polex flags (#6030)
* feat: add missing polex flags
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chart defaul
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-01-19 11:56:22 +08:00 |
|
Charles-Edouard Brétéché
|
f927b51b86
|
feat: add metrics service and service monitor to cleanup controller (#5653)
* feat: add metrics service and service monitor to cleanup controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* more config
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* name and certs
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: conditions check
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* leader election
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* workflows
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rbac
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
|
2022-12-12 18:39:29 +00:00 |
|
Charles-Edouard Brétéché
|
3dff75b8f1
|
feat: add dev config with support for prom loki and tempo (#5647)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2022-12-12 13:58:36 +08:00 |
|