Jim Bugwadia
|
a1b49f72a3
|
fix gofmt and golint issues (#667)
* fix gofmt and golint issues
* add keys to structs
* fix compile error
* fix clusterrolebinding creation
* fix test
|
2020-02-03 13:38:24 -08:00 |
|
Shivkumar Dudhani
|
2bba55e211
|
substitute variable values on a copy of policy rule (#669)
|
2020-02-03 11:59:34 -08:00 |
|
shravan
|
4471117d42
|
644 removing more deadcode related to previous commit
|
2020-02-03 18:58:31 +05:30 |
|
shravan
|
0d4b256d13
|
644 updating changes with revised understanding of issue, also removed alot of deadcode to make changes
|
2020-02-03 18:51:18 +05:30 |
|
shravan
|
3b37a61f5d
|
Revert "644 untested prototype changes"
This reverts commit 4021453760 .
|
2020-02-01 20:48:06 +05:30 |
|
shravan
|
1da17a58f5
|
658 untested changes
|
2020-01-31 13:16:08 +05:30 |
|
shubham
|
c93a37d944
|
updated error message
|
2020-01-30 21:50:41 +05:30 |
|
shravan
|
4021453760
|
644 untested prototype changes
|
2020-01-30 16:12:26 +05:30 |
|
shubham
|
2b12f2a780
|
setting proper error message in policy validation for userinfo not allowed when background mode is set to true
|
2020-01-30 00:22:28 +05:30 |
|
shravan
|
c4a8efbd7b
|
Merge branch 'master' into 253_ValidationInMutationFlag_v3
|
2020-01-29 14:34:15 +05:30 |
|
shravan
|
1c06353172
|
Merge branch 'master' into 522_validate_policy_resource_data
|
2020-01-29 14:33:21 +05:30 |
|
shravan
|
6762207fa7
|
Merge branch 'master' into 536_extend_cli
|
2020-01-29 14:26:44 +05:30 |
|
shuting
|
3343d73b76
|
linter fix (#657)
|
2020-01-27 08:58:53 -08:00 |
|
shravan
|
b7129263c9
|
536 revised error handling
|
2020-01-26 19:52:40 +05:30 |
|
shravan
|
33e55a78e0
|
536 corrected helper text
|
2020-01-26 19:44:18 +05:30 |
|
shravan
|
a4e06a6ba1
|
536 fixing compilation issues
|
2020-01-26 19:42:09 +05:30 |
|
shravan
|
5a63b85368
|
536 conforming to plugin author guidelines
|
2020-01-26 19:21:58 +05:30 |
|
shravan
|
de08e2415c
|
536 circle ci changes
|
2020-01-26 11:17:04 +05:30 |
|
shravan
|
ee21060aaa
|
made kube config optional, validates policeis on apply, added cluster flag
|
2020-01-26 10:47:58 +05:30 |
|
shravan
|
94f8721a6e
|
536 apply on cluster now supports significantly more resource types
|
2020-01-25 22:38:54 +05:30 |
|
shravan
|
78edfd2f7d
|
Merge branch '522_validate_policy_resource_data' into 536_extend_cli
|
2020-01-25 17:57:16 +05:30 |
|
shravan
|
5f62d108b9
|
536 minor cli ui changes
|
2020-01-25 17:57:01 +05:30 |
|
shravan
|
865eb57812
|
resolving merge conflicts
|
2020-01-25 16:38:12 +05:30 |
|
shravan
|
e1b9a13590
|
resolving merge conflicts
|
2020-01-25 14:55:36 +05:30 |
|
shravan
|
78cae242c5
|
522 restructured files
|
2020-01-25 14:53:12 +05:30 |
|
shubham
|
7a34378648
|
Adding log level 4 to "Loading variable" logs in context.go line no 124 and 139 (#648)
Type at pkg/policyviolation/namespacedev.go
|
2020-01-24 16:29:51 -08:00 |
|
Shivkumar Dudhani
|
f4406bbefc
|
linter fixes (#656)
* cleanup phase 1
* linter fixes phase 2
* linter fixes
* linter fixes
|
2020-01-24 16:27:51 -08:00 |
|
Shivkumar Dudhani
|
8c1d79ab28
|
linter suggestions (#655)
* cleanup phase 1
* linter fixes phase 2
|
2020-01-24 12:05:53 -08:00 |
|
shravan
|
81ea5ba157
|
253 fixing circle ci issues
|
2020-01-24 23:40:05 +05:30 |
|
shravan
|
12076f6183
|
Merge branch 'master' into 253_ValidationInMutationFlag_v3
|
2020-01-24 23:32:15 +05:30 |
|
shravan
|
4bd3603e5d
|
253 fixing build issues
|
2020-01-24 23:25:39 +05:30 |
|
shravan
|
53a795e414
|
resolving merge conflicts
|
2020-01-24 23:24:20 +05:30 |
|
Shivkumar Dudhani
|
1171ac691b
|
cleanup phase 1 (#653)
|
2020-01-24 09:37:12 -08:00 |
|
shravan
|
1b707f10a0
|
522 added ability to override default openAPI document
|
2020-01-24 22:27:21 +05:30 |
|
shravan
|
aec7a78822
|
522 adding swagger doc directly to repo instead of getting it from the internet
|
2020-01-24 21:31:38 +05:30 |
|
shravan
|
d5778e3815
|
522 add missing circle ci change from previous revision
|
2020-01-24 21:12:36 +05:30 |
|
shravan
|
29bb74c537
|
522 more missing changes from circleci
|
2020-01-24 21:09:04 +05:30 |
|
shravan
|
db95002828
|
522 missing circle ci change
|
2020-01-24 21:01:56 +05:30 |
|
shravan
|
dfedd86505
|
522 resolving circle ci
|
2020-01-24 20:59:14 +05:30 |
|
shravan
|
b2e2dd8a0f
|
522 now supports all possible kinds
|
2020-01-24 20:22:33 +05:30 |
|
shravan
|
a959c4969e
|
522 revising setting of global state
|
2020-01-24 18:53:51 +05:30 |
|
shravan
|
a3bcde6f1e
|
adding tests
|
2020-01-24 15:45:56 +05:30 |
|
shravan
|
56b54e6484
|
522 fixing bugs discovered from writing tests
|
2020-01-24 14:33:40 +05:30 |
|
shravan
|
fa7c522b5c
|
522 minor changes from tests
|
2020-01-24 09:51:40 +05:30 |
|
shravan
|
a90999417e
|
522 added kind prefix
|
2020-01-23 22:12:01 +05:30 |
|
shravan
|
af68f77b62
|
522 untested changes
|
2020-01-23 20:45:25 +05:30 |
|
shravan
|
be8527be47
|
revised 522 changes
|
2020-01-23 20:19:58 +05:30 |
|
shravan
|
344af84ec5
|
adding patch validation formutation
|
2020-01-23 18:03:37 +05:30 |
|
shravan
|
00da200c59
|
fixing cli output printing issues
|
2020-01-17 21:28:53 +05:30 |
|
shravan
|
2e60df0cb3
|
removing uneeded log statements
|
2020-01-17 09:55:04 +05:30 |
|
shravan
|
fc8153724e
|
added map of kind to list api from swagger document
|
2020-01-17 09:51:13 +05:30 |
|
shravan
|
d0da7a8ed4
|
Merge branch 'master' into 536_extend_cli
|
2020-01-17 09:50:11 +05:30 |
|
Shuting Zhao
|
24f3659b03
|
update debug info log level
|
2020-01-16 14:37:01 -08:00 |
|
Shuting Zhao
|
5d3d27cafd
|
report violation for mutation failure only, not block the creation
|
2020-01-16 14:29:44 -08:00 |
|
Shuting Zhao
|
ba8030bec0
|
change to use validationFailureAction for the mutation failure action
|
2020-01-16 11:57:28 -08:00 |
|
shravan
|
f41b7124ac
|
fixing merge issues
|
2020-01-17 00:09:39 +05:30 |
|
shravan
|
79999c4948
|
extended cli
|
2020-01-17 00:05:15 +05:30 |
|
Shuting Zhao
|
7e59e8e484
|
mutation failure to not block resource creation
|
2020-01-15 21:46:58 -08:00 |
|
Shuting Zhao
|
77a6408f30
|
pass in patchedResource inside the same mutation rule
|
2020-01-15 18:15:48 -08:00 |
|
Shuting Zhao
|
b26ed89880
|
- set failurepolicy of webhookconfiguraitons to ignore; - disable auto-gen on policy disabllow_default_namespace
|
2020-01-15 18:01:50 -08:00 |
|
shravan
|
1b417f42dd
|
changed validating webhook configuration names
|
2020-01-15 20:29:02 +05:30 |
|
shravan
|
520e675155
|
Merge branch 'master' into 253_ValidationInMutationFlag_v2
|
2020-01-15 19:45:16 +05:30 |
|
Shuting Zhao
|
fbe6ea2f24
|
fix annotation path error if applied to pod controller
|
2020-01-14 15:57:02 -08:00 |
|
Shivkumar Dudhani
|
cadd8f6b1b
|
check for multiple variables in a expression & serviceAccount variables (#610)
* check for multiple variables in a expression & serviceAccount variables
* update the regex matcher
|
2020-01-13 18:56:11 -08:00 |
|
Shivkumar Dudhani
|
dabe592d46
|
fix the bugs and add pre-condition checks (#606)
* fix the bugs and add pre-condition checks
* add precondition documentation
|
2020-01-13 11:21:14 -08:00 |
|
Shuting Zhao
|
cca5dd31b6
|
pass in original resource to validation if patches from mutation is nil
|
2020-01-13 10:15:52 -08:00 |
|
shravan
|
8dc6b06d79
|
resolving merge conflicts
|
2020-01-11 18:33:11 +05:30 |
|
shuting
|
0f398e631d
|
Merge pull request #599 from nirmata/542_feature
flag to use FQDN as CommonName in CSR
|
2020-01-10 18:38:18 -08:00 |
|
Shuting Zhao
|
4eff0e9a8c
|
fix build error
|
2020-01-10 18:31:43 -08:00 |
|
Shuting Zhao
|
f618bbcff3
|
pass in ctx to mutation and generation
|
2020-01-10 18:25:16 -08:00 |
|
Shuting Zhao
|
4c83ab8b52
|
add more unit tests
|
2020-01-10 17:15:44 -08:00 |
|
Shuting Zhao
|
eb0390d0ed
|
remove managedResource
|
2020-01-10 13:34:45 -08:00 |
|
Shuting Zhao
|
ac0404bd6c
|
Merge branch 'master' into add_testscenario
|
2020-01-10 12:00:04 -08:00 |
|
Shuting Zhao
|
434ed20857
|
report violation in generate when path not present
|
2020-01-10 11:59:05 -08:00 |
|
shivkumar dudhani
|
3f965a245b
|
add check for clone
|
2020-01-10 08:01:18 -08:00 |
|
Shuting Zhao
|
2eb0e49306
|
fix build error
|
2020-01-09 17:53:27 -08:00 |
|
Shuting Zhao
|
5a44ab3e16
|
generate violation in validate when substitute path not present
|
2020-01-09 17:44:11 -08:00 |
|
Shuting Zhao
|
f78ca61859
|
generate violation in mutation when substitute path not present
|
2020-01-09 12:24:37 -08:00 |
|
Shuting Zhao
|
731fdb3e07
|
validate paths in variable substitution is present
|
2020-01-09 12:23:05 -08:00 |
|
Shuting Zhao
|
d0a1acbac4
|
fix build error
|
2020-01-08 16:56:41 -08:00 |
|
Shuting Zhao
|
e3123e96b6
|
Merge branch 'master' into add_testscenario
|
2020-01-08 16:48:15 -08:00 |
|
shivkumar dudhani
|
1e5f871665
|
lowercase the cmdline arg
|
2020-01-08 16:40:19 -08:00 |
|
Shuting Zhao
|
5924bcae40
|
remove duplicate structure definition
|
2020-01-08 10:44:41 -08:00 |
|
Shuting Zhao
|
472fa29fce
|
move mutation to subpackage pkg/engine/mutate
|
2020-01-07 17:06:17 -08:00 |
|
Shivkumar Dudhani
|
3cf9141f4d
|
593 feature (#594)
* initial commit
* background policy validation
* correct message
* skip non-background policy process for add/update
* add Generate Request CR
* generate Request Generator Initial
* test generate request CR generation
* initial commit gr generator
* generate controller initial framework
* add crd for generate request
* gr cleanup controller initial commit
* cleanup controller initial
* generate mid-commit
* generate rule processing
* create PV on generate error
* embed resource type
* testing phase 1- generate resources with variable substitution
* fix tests
* comment broken test #586
* add printer column for state
* return if existing resource for clone
* set resync time to 2 mins & remove resource version check in update handler for gr
* generate events for reporting
* fix logs
* initial commit
* fix trailing quote in patch
* remove comments
* initial condition (equal & notequal)
* initial support for conditions
* initial support fo conditions in generate
* support precondition checks
* cleanup
* re-evaluate GR on namespace update using dynamic informers
* add status for generated resources
* display loaded variable SA
* support delete cleanup of generate request main resources
* fix log
* remove namespace from SA username
* support multiple variables per statement for scalar values
* fix fail variables
* add check for userInfo
* validation checks for conditions
* update policy
* refactor logs
* code review
* add openapispec for clusterpolicy preconditions
* Update documentation
* CR fixes
* documentation
* CR fixes
* update variable
* fix logs
* update policy
* pre-defined variables (serviceAccountName & serviceAccountNamespace)
* update test
|
2020-01-07 15:13:57 -08:00 |
|
Shuting Zhao
|
08491df046
|
Merge commit 'ffd2179b0332738a088b362e94147a981f0d02ed' into 600_bug
# Conflicts:
# pkg/webhooks/mutation.go
|
2020-01-07 14:17:25 -08:00 |
|
Shuting Zhao
|
259c8839e5
|
remove duplicate import pkg
|
2020-01-07 11:33:18 -08:00 |
|
Shuting Zhao
|
cafc3883a4
|
- fix validation to process on patched resource; - format code
|
2020-01-07 11:32:52 -08:00 |
|
Shivkumar Dudhani
|
ffd2179b03
|
538 (#587)
* initial commit
* background policy validation
* correct message
* skip non-background policy process for add/update
* add Generate Request CR
* generate Request Generator Initial
* test generate request CR generation
* initial commit gr generator
* generate controller initial framework
* add crd for generate request
* gr cleanup controller initial commit
* cleanup controller initial
* generate mid-commit
* generate rule processing
* create PV on generate error
* embed resource type
* testing phase 1- generate resources with variable substitution
* fix tests
* comment broken test #586
* add printer column for state
* return if existing resource for clone
* set resync time to 2 mins & remove resource version check in update handler for gr
* generate events for reporting
* fix logs
* cleanup
* CR fixes
* fix logs
|
2020-01-07 10:33:28 -08:00 |
|
Shuting Zhao
|
c97b3ce5b0
|
fetch annotation from resource annotation map
|
2020-01-06 19:24:24 -08:00 |
|
Shuting Zhao
|
dcc3179b09
|
remove dclient from pvbuilder
|
2020-01-06 18:53:36 -08:00 |
|
Shuting Zhao
|
ecbbd04bc5
|
- remove policy violation created on owner and related logic; - use generic call to create violation info
|
2020-01-06 17:07:11 -08:00 |
|
shivkumar dudhani
|
38dcb2e94f
|
flag to use FQDN as CommonName in CSR
|
2020-01-06 16:12:53 -08:00 |
|
Shuting Zhao
|
9194251a38
|
fix pod controller annotation to "none"
|
2020-01-06 14:41:25 -08:00 |
|
Shuting Zhao
|
77955ff212
|
change the policy action to operate on it's own validationFailureAction
|
2020-01-06 14:41:02 -08:00 |
|
Shuting Zhao
|
f5411c1c76
|
update policymutation_test
|
2020-01-03 15:19:33 -08:00 |
|
Shuting Zhao
|
dce1e0555a
|
move helper to pkg/utils
|
2020-01-03 10:41:47 -08:00 |
|
Shuting Zhao
|
0c9053d50d
|
register resource webhook in policy control loop
|
2020-01-02 20:25:30 -08:00 |
|
Shuting Zhao
|
956cb0559a
|
- register resource webhook when policy controller starts; - add debug log
|
2020-01-02 19:12:45 -08:00 |
|
Shuting Zhao
|
b5192dc559
|
remove old crd namespacedpolicyviolation
|
2020-01-02 15:33:57 -08:00 |
|
Shuting Zhao
|
b493600754
|
remove omitemptu on pocliy.spec and policy.spec.rules
|
2020-01-02 12:17:47 -08:00 |
|
Shuting Zhao
|
d36934fe11
|
Merge commit '5b8ab3842b43a72cc675b93b8b72e290adfca1d2' into 518_pod_controller
# Conflicts:
# pkg/api/kyverno/v1/types.go
# pkg/engine/mutation.go
# pkg/engine/mutation_test.go
# pkg/engine/validation.go
# pkg/policy/existing.go
|
2020-01-02 10:32:17 -08:00 |
|
Shivkumar Dudhani
|
5b8ab3842b
|
Support variable substitution (#549)
* initial commit
* variable substitution
* update tests
* update test
* refactor engine packages for validate & generate
* update vendor
* update toml
* support variable substitution in overlay mutation
* missing update
* fix indentation in logs
* store context values as single JSON document using merge patches.
* remove duplicate functions
* fix message string
* Handle processing of policies in background (#569)
* remove condition check while generating mutation patch as conditions are verified in the first iteration
* initial commit
* background policy validation
* correct message
* skip non-background policy process for add/update
* fix order to correct policy registration
* update comment
Co-authored-by: shuting <shutting06@gmail.com>
* refactor
Co-authored-by: shuting <shutting06@gmail.com>
|
2019-12-30 17:08:50 -08:00 |
|
Shuting Zhao
|
56c03f712a
|
only generate rule on policy creation
|
2019-12-27 15:57:43 -08:00 |
|
Shuting Zhao
|
bae2865550
|
- add =() to volumes; - update error msg
|
2019-12-27 14:59:12 -08:00 |
|
Shuting Zhao
|
340dee24bc
|
Merge branch 'master' into 544_documentation
# Conflicts:
# pkg/engine/overlay_test.go
|
2019-12-27 13:04:07 -08:00 |
|
Shuting Zhao
|
f2a0f0e3dc
|
replace annotation match by regexp
|
2019-12-27 12:57:06 -08:00 |
|
Shuting Zhao
|
eb6ab9d2d8
|
fix rule mis-application
|
2019-12-26 19:05:12 -08:00 |
|
Shuting Zhao
|
076196688e
|
skip process existing pod if annotation present
|
2019-12-26 18:41:14 -08:00 |
|
Shuting Zhao
|
f0d943e970
|
Merge branch 'master' into 518_pod_controller
|
2019-12-26 15:35:23 -08:00 |
|
Shuting Zhao
|
54ecb7738a
|
- insert annotation to podTemplate; - skip apply rule on pod if annotation exists
|
2019-12-26 15:34:19 -08:00 |
|
Shivkumar Dudhani
|
085856baa1
|
add event source and format event messages (#565)
|
2019-12-26 11:50:41 -08:00 |
|
Shuting Zhao
|
b5255893e3
|
update autogen annotation for pod controllers
|
2019-12-26 10:09:49 -08:00 |
|
Shuting Zhao
|
a8aa83573b
|
fix merge error
|
2019-12-20 19:08:26 -08:00 |
|
Shuting Zhao
|
1f0187e8ea
|
Merge commit 'f1330ede8234eb4d449eb9ec72b41c627488350d' into 518_pod_controller
|
2019-12-20 19:06:35 -08:00 |
|
Shuting Zhao
|
8be4db3de3
|
Merge branch '529_query' into 518_pod_controller
|
2019-12-20 18:55:08 -08:00 |
|
Shuting Zhao
|
cc87ea7339
|
add unit test
|
2019-12-20 18:53:44 -08:00 |
|
Shuting Zhao
|
74b85d8143
|
generate rule for pod controllers
|
2019-12-20 18:53:29 -08:00 |
|
Shuting Zhao
|
e3a8cabe8d
|
add omitempty to types
|
2019-12-20 18:51:07 -08:00 |
|
shivkumar dudhani
|
d04f49b5d8
|
fix message string
|
2019-12-17 17:16:50 -08:00 |
|
shivkumar dudhani
|
2a56a8e043
|
remove duplicate functions
|
2019-12-17 16:37:52 -08:00 |
|
shivkumar dudhani
|
a86aa06e28
|
Merge branch 'master' into 529_query
|
2019-12-17 16:36:58 -08:00 |
|
shivkumar dudhani
|
615f1ae940
|
Merge branch 'master' into 529_query
|
2019-12-17 16:22:00 -08:00 |
|
shivkumar dudhani
|
38987d50c3
|
store context values as single JSON document using merge patches.
|
2019-12-17 16:06:13 -08:00 |
|
Shuting Zhao
|
0d71e4a669
|
remove condition check while generating mutation patch as conditions are verified in the first iteration
|
2019-12-16 18:26:38 -08:00 |
|
shuting
|
4149d706e8
|
Merge pull request #558 from nirmata/428_quantity
implement quantity comparison
|
2019-12-16 15:53:09 -08:00 |
|
Shivkumar Dudhani
|
39e08aa1fc
|
76 cache invalidate (#557)
* invalidate local cache of registererd resources
* update client in initContainer
* update message
|
2019-12-16 12:55:44 -08:00 |
|
Shuting Zhao
|
35adbbe0df
|
convert type boolean to string in /metadata/annotation
|
2019-12-13 18:04:19 -08:00 |
|
Shuting Zhao
|
5ced2409a3
|
update test
|
2019-12-13 13:30:24 -08:00 |
|
Shuting Zhao
|
0969aa9bf9
|
implement quantity comparison
|
2019-12-13 13:17:22 -08:00 |
|
shivkumar dudhani
|
793d878b18
|
correct webhook endpoint
|
2019-12-13 11:13:58 -08:00 |
|
shivkumar dudhani
|
c4da72ad3e
|
fix indentation in logs
|
2019-12-13 09:49:09 -08:00 |
|
Shuting Zhao
|
625e45c847
|
remove duplicate code
|
2019-12-12 18:55:40 -08:00 |
|
shivkumar dudhani
|
0bd05fd227
|
missing update
|
2019-12-12 18:48:53 -08:00 |
|
shivkumar dudhani
|
5659f2fbcf
|
merge master
|
2019-12-12 18:44:52 -08:00 |
|
shivkumar dudhani
|
8414681e60
|
support variable substitution in overlay mutation
|
2019-12-12 18:25:54 -08:00 |
|
shivkumar dudhani
|
10fc1b47ba
|
Merge branch 'master' into v1.1.0
|
2019-12-12 16:54:42 -08:00 |
|
shivkumar dudhani
|
745727fd70
|
add missing files
|
2019-12-12 16:35:37 -08:00 |
|
shivkumar dudhani
|
a19785261d
|
Merge branch '524_bug' into v1.1.0
|
2019-12-12 16:25:50 -08:00 |
|
shivkumar dudhani
|
b5de11fc0e
|
refactor engine packages for validate & generate
|
2019-12-12 15:02:59 -08:00 |
|
shivkumar dudhani
|
507c43ddca
|
update test
|
2019-12-12 10:55:10 -08:00 |
|
shivkumar dudhani
|
8b1e084691
|
update tests
|
2019-12-12 10:47:25 -08:00 |
|
shivkumar dudhani
|
7c9bc6fecf
|
variable substitution
|
2019-12-12 10:19:45 -08:00 |
|
Shuting Zhao
|
2c783cfe02
|
rename namespacedpolicyviolation: update code
|
2019-12-11 16:09:05 -08:00 |
|
Shuting Zhao
|
a107ad7ac8
|
rename namespacedpolicyviolation: update codegen
|
2019-12-11 16:07:39 -08:00 |
|
shivkumar dudhani
|
4c55fe00bc
|
Merge branch 'v1.1.0' into 524_bug
|
2019-12-11 11:21:31 -08:00 |
|
shivkumar dudhani
|
75eee39d7d
|
remove fix for 535
|
2019-12-11 11:18:38 -08:00 |
|
shivkumar dudhani
|
ad54683f71
|
CR fixes
|
2019-12-11 11:15:13 -08:00 |
|
shuting
|
f06b19bb14
|
Merge pull request #525 from nirmata/421_test_webhook
421 test webhook
|
2019-12-11 11:13:37 -08:00 |
|
shivkumar dudhani
|
12edc56613
|
initial commit
|
2019-12-11 09:45:22 -08:00 |
|