kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00

Author	SHA1	Message	Date
Shuting Zhao	5dcb03e6f5	tag v1.3.6-rc5 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-05-13 12:44:34 -07:00
Shuting Zhao	edd33a6d09	tag v1.3.6-rc4 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-05-10 10:18:38 -07:00
Shuting Zhao	55a987ed5e	tag v1.3.6-rc3 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-05-07 19:03:43 -07:00
Shuting Zhao	dfaf675185	tag v1.3.6-rc2 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-05-07 12:15:57 -07:00
Nicolas Lamirault	9bdde7abea	Resources for initContainers (#1871 ) * Add: resources for initContainers Signed-off-by: Nicolas Lamirault <nicolas.lamirault@gmail.com> * Update: increase memory limit for init container Signed-off-by: Nicolas Lamirault <nicolas.lamirault@gmail.com> * Add: init container resources Signed-off-by: Nicolas Lamirault <nicolas.lamirault@gmail.com> * Fix: kustomize CRD Signed-off-by: Nicolas Lamirault <nicolas.lamirault@gmail.com>	2021-05-07 09:53:00 -07:00
Shuting Zhao	7e575d0e19	tag v1.3.6-rc1 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-29 15:03:48 -07:00
Shuting Zhao	4a4fdc54ee	release v1.3.5 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-16 14:04:00 -07:00
Shuting Zhao	a4b639f754	tag v1.3.5-rc5 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-15 17:35:25 -07:00
Shuting Zhao	3f18b5f7df	tag v1.3.5-rc3 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-14 13:12:12 -07:00
shuting	9dab21619f	Match endpoint to the exact Kyverno Pod's IP (#1787 ) * update log message Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update printer column - validation failure action Signed-off-by: Shuting Zhao <shutting06@gmail.com> * match endpoint ip with the exact pod ip Signed-off-by: Shuting Zhao <shutting06@gmail.com> * - add tag "app.kubernetes.io/name"; - reduce throttling requests when deletes webhook configs Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add [SelfSubjectAccessReview,,] to resource filters Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-12 20:29:51 -07:00
shuting	f3ca1d78f1	Fix log message (#1779 ) * update log message Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update printer column - validation failure action Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-08 12:10:30 -07:00
Shuting Zhao	6f41acde03	tag v1.3.5-rc3 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-06 11:13:56 -07:00
Vyankatesh Kudtarkar	3ab75095b7	remove permission (#1758 ) * remove permission Signed-off-by: vyankatesh <vyankatesh@neualto.com> * remove duplicate resource Signed-off-by: vyankatesh <vyankatesh@neualto.com> Co-authored-by: vyankatesh <vyankatesh@neualto.com>	2021-04-02 11:22:59 -07:00
Shuting Zhao	a1d9cdd14b	tag v1.3.5-rc2 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-04-01 13:57:33 -07:00
treydock	91713ee566	Check webhooks are present during liveness (#1748 ) Fixes #1747 Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>	2021-03-31 12:44:56 -07:00
Yuto Takahashi	e2cb30e752	Allow generatecontroller to handle Roles (#1739 ) * Allow generateoperator to handle Roles Signed-off-by: Yuto Takahashi <ytaka23dev@gmail.com> * Restore the releasable manifest Signed-off-by: Yuto Takahashi <ytaka23dev@gmail.com>	2021-03-29 22:48:41 -07:00
Shuting Zhao	cd5070191f	correct tag Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-26 15:47:11 -07:00
Shuting Zhao	0c860b7327	release v1.3.5-rc1 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-26 15:14:05 -07:00
Shuting Zhao	669f01e9d2	add flag to kyverno's manifest Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-22 19:19:12 -07:00
shuting	c8a41d83f7	Update Dockerfile; remove securityContext runAsUser (#1695 ) * - run Kyverno with specific uid; - remove "runAsUser" from deployment manifest Signed-off-by: Shuting Zhao <shutting06@gmail.com> * add LD_FLAGS when push Kyverno images Signed-off-by: Shuting Zhao <shutting06@gmail.com> * start Kyverno with UID 10001 Signed-off-by: Shuting Zhao <shutting06@gmail.com> * update initContainer and CLI Dockerfiles Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-10 14:47:09 -08:00
Shuting Zhao	592394df02	release v1.3.4	2021-03-05 10:56:02 -08:00
Shuting Zhao	edbd7bf222	release v1.3.4-rc1 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-03-03 12:00:31 -08:00
Arsh Sharma	ccfe8c443c	fix: added details regarding match.resources (#1654 ) * fix: added details regarding match.resources Signed-off-by: Arsh Sharma <arshsharma461@gmail.com> * fix: made revisions Signed-off-by: Arsh Sharma <arshsharma461@gmail.com> * fix: removed if not statement Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>	2021-03-03 11:22:45 -08:00
Yashvardhan Kukreja	10c714d5ba	feat: [preconditions, conditions] added backwards-compatible support for logical operators (#1604 ) Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>	2021-03-01 20:31:06 -08:00
Arsh Sharma	da8e449d3c	fix: removed validator (#1646 ) Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>	2021-02-26 11:27:21 -08:00
Arsh Sharma	a0d28f0b16	fix: list operators in deny conditions (#1641 ) * fix: list operators in deny conditions Signed-off-by: Arsh Sharma <arshsharma461@gmail.com> * fix: regenerated YAMLs Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>	2021-02-25 19:13:35 -08:00
shuting	6fc349716c	Switch to use annotations to store resource info in cluster/reportChangeRequest (#1625 ) * skip sending API request for filtered resource * fix PR comment Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fixes https://github.com/kyverno/kyverno/issues/1490 Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fix bug - namespace is not returned properly Signed-off-by: Shuting Zhao <shutting06@gmail.com> * reduce throttling - list resource using lister * refactor resource cache * fix test Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fix label selector Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fix build failure Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fixes #1480 * store resource name and kind in (c)rcr's annotation	2021-02-19 09:09:41 -08:00
Shuting Zhao	f6192d08b0	release v1.3.3	2021-02-16 13:49:50 -08:00
Shuting Zhao	b9a64ea41d	release v1.3.2 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-02-09 10:59:44 -08:00
Shuting Zhao	db1bfba3f8	release v1.3.2-rc3	2021-02-08 18:15:28 -08:00
Shuting Zhao	77a94fda6b	add "watch" to cluster role kyverno:policycontroller Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-02-08 17:35:35 -08:00
Shuting Zhao	a00d9b1cc9	release v1.3.2-rc2	2021-02-03 14:19:46 -08:00
Jim Bugwadia	ba9d003774	update APICall docs (#1534 ) Signed-off-by: Jim Bugwadia <jim@nirmata.com>	2021-02-03 13:10:02 -08:00
Pooja Singh	32522e7827	namespace selector (#1532 ) * updated crd with namespace selector Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added logic for validate Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added condition in utils for namespace labels Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added function for extracting namespace label using lister Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added logic for generate Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added lister in generate Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * commented generate controller changes Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added ns lister Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added ns label in apply.go Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added ns label in generation.go Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added ns label in mutation.go Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * added ns label for validation Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com> * using dynaminc informer Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>	2021-02-03 13:09:42 -08:00
Jim Bugwadia	e8e3b93a5f	api server lookups (#1514 ) * initial commit for api server lookups Signed-off-by: Jim Bugwadia <jim@nirmata.com> * initial commit for API server lookups Signed-off-by: Jim Bugwadia <jim@nirmata.com> * Enhancing dockerfiles (multi-stage) of kyverno components and adding non-root user to the docker images (#1495) * Dockerfile refactored Signed-off-by: Raj Babu Das <mail.rajdas@gmail.com> * Adding non-root commands to docker images and enhanced the dockerfiles Signed-off-by: Raj Babu Das <mail.rajdas@gmail.com> * changing base image to scratch Signed-off-by: Raj Babu Das <mail.rajdas@gmail.com> * Minor typo fix Signed-off-by: Raj Babu Das <mail.rajdas@gmail.com> * changing dockerfiles to use /etc/passwd to use non-root user' Signed-off-by: Raj Babu Das <mail.rajdas@gmail.com> * minor typo Signed-off-by: Raj Babu Das <mail.rajdas@gmail.com> * minor typo Signed-off-by: Raj Babu Das <mail.rajdas@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * revert cli image name (#1507) Signed-off-by: Raj Babu Das <mail.rajdas@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * Refactor resourceCache; Reduce throttling requests (background controller) (#1500) * skip sending API request for filtered resource * fix PR comment Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fixes https://github.com/kyverno/kyverno/issues/1490 Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fix bug - namespace is not returned properly Signed-off-by: Shuting Zhao <shutting06@gmail.com> * reduce throttling - list resource using lister * refactor resource cache * fix test Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fix label selector Signed-off-by: Shuting Zhao <shutting06@gmail.com> * fix build failure Signed-off-by: Shuting Zhao <shutting06@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix merge issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix unit test Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add nil check for API client Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Raj Babu Das <mail.rajdas@gmail.com> Co-authored-by: shuting <shutting06@gmail.com>	2021-02-01 12:59:13 -08:00
Shuting Zhao	7d8c404922	generate 1.3.2-rc1	2021-01-24 21:06:30 -08:00
Shuting Zhao	aca98d3748	release v1.3.1 Signed-off-by: Shuting Zhao <shutting06@gmail.com>	2021-01-19 12:06:26 -08:00
Shuting Zhao	a3aad806a8	release v1.3.0	2021-01-12 12:08:02 -08:00
Shuting Zhao	b0966de04d	release v1.3.0-rc12	2021-01-08 18:18:30 -08:00
shuting	3908808e7a	Rename filterK8Resources to filterK8sResources (#1452 ) * Remove lock embedded in CRD controller, use concurrent map to store shcemas * delete rcr info from data store * skip policy validation on status update * - remove status check in policy mutation; - fix test * Remove fqdncn flag * add flag profiling port * skip policy mutation & validation on status update * sync policy status every minute * update log messages * rename filterK8Resources to filterK8sResources	2021-01-07 11:27:50 -08:00
Jim Bugwadia	e23a25b68c	release v1.3.0-rc11	2021-01-03 20:41:00 -08:00
Jim Bugwadia	cb06e64e03	release 1.3.0-rc10	2021-01-02 01:26:42 -08:00
Jim Bugwadia	c4296d2282	release 1.3.0-rc9	2021-01-01 17:15:01 -08:00
shuting	3c5f9f8888	1398 - Reduce RCR throttling requests (#1406 ) * reduce RCR throttling requests by merging policy application (policy - namespace) results into single RCR * - refactor policy controller; - fix RCR issue * - refactor RCR controller; - fix cpolr on ns update; - reduce throttling when getting resources; - fix tests * update CRD schema * fix typo	2020-12-21 11:04:19 -08:00
Shuting Zhao	8b1d84f32c	increase memory limit to 256 Mi	2020-12-15 17:55:01 -08:00
Jim Bugwadia	8f5795725b	update CRDs	2020-12-14 02:56:21 -08:00
Shuting Zhao	ce19b5668d	tag v1.3.0-rc8	2020-12-09 09:31:33 -08:00
Shuting Zhao	d8d90235f3	tag v1.3.0-rc7	2020-12-07 12:32:04 -08:00
Jim Bugwadia	981bb1cf2d	update CRDs	2020-12-02 12:26:59 -08:00
Jim Bugwadia	76b6974fc2	update CRD docs	2020-12-01 23:19:08 -08:00

1 2 3 4 5 ...

317 commits