Charles-Edouard Brétéché
|
451d362104
|
feat: add more granular rbac rules to remove wildcards (#9507)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2024-01-24 16:07:18 +00:00 |
|
Khaled Emara
|
3ef598c155
|
chore(helm): omit normal events by default (#9493)
* chore(helm): omit normal events by default
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
* fix(tests): fix tests related to events
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
---------
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
|
2024-01-24 13:16:18 +01:00 |
|
Vishal Choudhary
|
87c7ce254a
|
feat: add skipImageReferences in verify images (#8633)
* feat: add skipImageReferences in verify images
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: chainsaw tests
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: chainsaw-test.yaml
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* fix: typo in assert
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2024-01-23 12:27:39 +00:00 |
|
Charles-Edouard Brétéché
|
0ec8e2292c
|
fix: align clusterroles and bindings names (#9482)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2024-01-22 15:37:20 +00:00 |
|
Charles-Edouard Brétéché
|
2f4b823030
|
feat: improve crd migration helm hooks (#9481)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2024-01-22 14:13:29 +00:00 |
|
Mariam Fahmy
|
5fc7e96890
|
feat: migrate existing cleanup policies to the new storage version in helm hook (#9420)
* feat: migrate existing cleanup policies to the new storage version in helm hook
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix codegen
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: use kyverno CLI migrate command
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2024-01-22 12:53:36 +01:00 |
|
Khaled Emara
|
566db3abfd
|
helm: add profiling support (#9338)
Signed-off-by: Khaled Emara <khaled.emara@nirmata.com>
|
2024-01-22 02:08:43 +00:00 |
|
Mariam Fahmy
|
ea748276bb
|
feat: migrate existing policy exceptions to the new storage version in helm hook (#9412)
* feat: migrate existing policy exceptions to the new storage version in helm
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: add permissions for the admission controller to patch exceptions
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix codegen
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* move migration hook to a separate directory
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* use cli
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: update admission controller permissions
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2024-01-21 20:13:56 +00:00 |
|
shuting
|
6e5e7c745a
|
update bitnami/kubectl (#9408)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
|
2024-01-16 06:04:29 +00:00 |
|
Gurmannat Sohal
|
6902a2b092
|
Unit tests for Pod Security Admission Integrations (#8585)
* feat: enable field-restricted exclusions using the psa
Signed-off-by: Liang Deng <283304489@qq.com>
* fix ci error
Signed-off-by: Liang Deng <283304489@qq.com>
* fix ci error
Signed-off-by: Liang Deng <283304489@qq.com>
* initial unit tests
* Add all remaining unit tests
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* fine grain unit tests by adding fields and values
* add detailed pod level exclusion and related tests
* add tests for init & ephemeral containers
* add kuttl tests for the new advanced support
* add kuttl tests for the new advanced support
* add readme for kuttl tests
* add replacement in go.mod
* resolving CI errors
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* fix ci errors
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* fix ci errors
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* updating pod-security-admissio
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* resolving null pointer panic
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* resolved conformance error
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* chainsaw
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chainsaw
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* remove duplication
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* fix linting
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* remove over computation
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* added field checks, pss skip condition
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* correcting chainsaw tests
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* merge branch 'main' into unit-tests
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
* fix builds
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: Liang Deng <283304489@qq.com>
Signed-off-by: Gurmannat Sohal <iamgurmannatsohal@gmail.com>
Signed-off-by: shuting <shuting@nirmata.com>
Signed-off-by: Gurmannat Sohal <95538438+itsgurmannatsohal@users.noreply.github.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Liang Deng <283304489@qq.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-12-26 22:28:08 +08:00 |
|
Charles-Edouard Brétéché
|
1ef82ab530
|
feat: stop serving v2alpha1 cleanup policies (#9270)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-12-25 20:42:19 +00:00 |
|
Mariam Fahmy
|
5f09fa810c
|
chore: introduce v2 for updaterequests (#9267)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-12-23 00:09:02 +00:00 |
|
Charles-Edouard Brétéché
|
2b5aef75f1
|
feat: add cleanup policies v2 (#9261)
* feat: add cleanup policies v2
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-12-22 20:43:27 +02:00 |
|
Mariam Fahmy
|
6bffca067a
|
chore: introduce v2 for internal reports resources (#9262)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-12-22 14:09:00 +00:00 |
|
Mariam Fahmy
|
b61a1f3d18
|
fix: set v2beta1 of exceptions the storage version (#9254)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2023-12-22 10:13:58 +00:00 |
|
Honnix
|
47cafaabd3
|
Support more signature algorithms (#9102)
* Support more signature algorithms
Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>
* Fix codegen
Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>
* Fail loudly for unsupported algorithm
Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>
* Fix codegen
Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>
* Fix more
Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>
---------
Signed-off-by: Hongxin Liang <honnix@users.noreply.github.com>
Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2023-12-21 13:27:33 +05:30 |
|
Mariam Fahmy
|
d5e5219601
|
chore: remove v2alpha1 version of policy exceptions (#9211)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-12-19 16:27:08 +00:00 |
|
Mariam Fahmy
|
8e0a7aa204
|
feat: promote policy exceptions to v2 (#9208)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-12-19 10:43:39 +00:00 |
|
shuting
|
7282ecca9f
|
fix: add skipBackgoundRequests to configure loop protection option (#9157)
* fix typo
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add new attribute skipBackgroundRequests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* move to per rule config
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* check flag
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* clean up
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update docs
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix logger
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add retryCount to ur.status
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add chainsaw tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: ShutingZhao <shuting@nirmata.com>
|
2023-12-19 06:25:12 +00:00 |
|
Charles-Edouard Brétéché
|
f8de6810fa
|
fix: enable additional report printers by default (#9194)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-12-18 17:38:41 +00:00 |
|
Mariam Fahmy
|
e22cd9818f
|
fix: deprecate spec.schemaValidation (#9189)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-12-18 16:32:11 +00:00 |
|
Dirk Pahl
|
d8c2c5818d
|
Make server ports configurable, resolves #7279 (#7728)
* Make server ports configurable, resolves #7279
Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>
* Make server ports configurable, resolves #7279
Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>
* Switch to flags instead of env vars
Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>
* Could not use internal package in webhooks pkg
Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>
* Add helm chart changes
Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>
* make codegen-docs-all
Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>
* make codegen-manifest-all
Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>
---------
Signed-off-by: Dirk Pahl <dirk.pahl@deutschebahn.com>
Co-authored-by: Dirk Pahl <dirk.pahl@deutschebahn.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2023-11-17 14:19:53 +00:00 |
|
Matt Dainty
|
94281b0c95
|
fix: Add chart parameters for setting revisionHistoryLimit (#8907)
Signed-off-by: Matt Dainty <matt@bodgit-n-scarper.com>
Co-authored-by: treydock <tdockendorf@osc.edu>
|
2023-11-16 18:50:17 +00:00 |
|
Chandan-DK
|
cafc0990f9
|
fix: generate policy fails if triggered resource name exceeds 63 characters limit (#8466)
* fix: generate label resource name character length issue
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* add source label
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* modify newUR function
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* fix
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* improve readability
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* remove generate source name label
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* Revert changes
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* update ResourceSpec
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* add URGenerateResourceUIDLabel
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* make codegen crds all
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* make codegen client all
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* add GenerateSourceUIDLabel
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* modify comment
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* make codegen crds all
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* make codegen-docs-all
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* make codegen-all
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* set trigger uid
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* add uid in transform()
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* add name label
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* fix: use resource name labels along with its UID
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: use the resource name label only if its uid label isn't set
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* add kuttl tests
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: delete the trigger resource in the test
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: delete the source in the kuttl test
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* add generate trigger uid label
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* modify TriggerInfo function
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* populate uid field for new update requests
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* populate new ur spec with uid
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* handle downstream resources cleanup
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* populate uid of ur status
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
* fetch triggers by the UID label
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* label triggers
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fetch trigger by comparing UID
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fetch cloneList downstream resource by UID
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update test names
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* remove trigger name label assertions from kuttl tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add unit name selector
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add sleep
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* assert events on failures
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* rename tests
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: Chandan-DK <chandandk468@gmail.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: shuting <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2023-11-06 10:37:13 +00:00 |
|
Vishal Choudhary
|
99c5f66fab
|
feat: update verify images types with better descriptions (#8779)
* feat: update verify images types with better descriptions
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
* feat: revert cert and certchain
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
---------
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-10-31 04:52:07 +00:00 |
|
shuting
|
5ded401db7
|
Revert "add secrets name in background-controller's role (#8721)" (#8752)
This reverts commit 580c02ce76.
|
2023-10-27 07:38:46 +00:00 |
|
Rakshit Gondwal
|
b574802c12
|
feat: support conditions in PolicyException (#8577)
* feat: support conditions in PolicyException
Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>
* fix matchesException func
Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>
* add codegen-all files
Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>
* fix after review
Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>
* remove variable validation from PolicyException
Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>
* fix after review
Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>
* add kuttl tests
Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>
* remove ValidateVariables() from tests
Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>
* fix errors
Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>
* remove check-variables kuttl test
Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>
* fix after review
Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>
* add sleep step to kuttl
Signed-off-by: Rakshit Gondwal <98955085+rakshitgondwal@users.noreply.github.com>
* miinor fix
Signed-off-by: Rakshit Gondwal <98955085+rakshitgondwal@users.noreply.github.com>
* add readme for kuttl test
Signed-off-by: Rakshit Gondwal <98955085+rakshitgondwal@users.noreply.github.com>
---------
Signed-off-by: Rakshit Gondwal <rakshitgondwal3@gmail.com>
Signed-off-by: Rakshit Gondwal <98955085+rakshitgondwal@users.noreply.github.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
|
2023-10-24 10:45:52 +00:00 |
|
shuting
|
580c02ce76
|
add secrets name in background-controller's role (#8721)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
|
2023-10-24 09:14:34 +00:00 |
|
Mariam Fahmy
|
e21c869254
|
fix: add permissions to secrets for background controller role (#8690)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
|
2023-10-23 13:01:20 +00:00 |
|
Vishal Choudhary
|
e1e521910e
|
[Helm] AdmissionReport cleanup job tag bump (#8708)
* update chart metadata
Signed-off-by: chipzoller <chipzoller@gmail.com>
* bump tag
Signed-off-by: chipzoller <chipzoller@gmail.com>
* adjust name
Signed-off-by: chipzoller <chipzoller@gmail.com>
* do not validate maintainers
Signed-off-by: chipzoller <chipzoller@gmail.com>
* feat: update codegen
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: update codegen
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: update kubeversion in helm template
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: chipzoller <chipzoller@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: chipzoller <chipzoller@gmail.com>
|
2023-10-23 17:13:07 +08:00 |
|
Vishal Choudhary
|
adfa193197
|
feat: fix outdated description of imageregistrycredentials (#8688)
* feat: fix outdated description of imageregistrycredentials
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* feat: generate crd
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2023-10-19 18:50:43 +00:00 |
|
Mariam Fahmy
|
d688af2539
|
fix: allow cleanup controller to update the policy status (#8681)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-10-18 21:22:42 +08:00 |
|
Erik Godding Boye
|
dbc55c1c05
|
fix(helm): add missing policyexceptions RBAC to background-controller (#8648)
Signed-off-by: Erik Godding Boye <egboye@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2023-10-16 07:43:17 +00:00 |
|
Mariam Fahmy
|
e969248483
|
chore: bump cleanup policies to v2beta1 (#8621)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-10-12 19:45:33 +08:00 |
|
Mariam Fahmy
|
3d382e0e01
|
feat: move crds to a subchart (#8623)
* feat: move crds to a subchart
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* update codegen
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update crd configs: annotations and install options
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update default crd installation configuration to true
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* reset annotations
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update chart readme
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* remove subchart crd install option
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update crd chart version
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* configure crds labels
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix chart yaml file
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* revert crd subchart version to 0.0.0
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update install.yaml
Signed-off-by: ShutingZhao <shuting@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
|
2023-10-12 10:22:49 +00:00 |
|
Rodrigo Fior Kuntzer
|
9c64b10cd2
|
fix: allow dropping metrics, labels and configuring histogram bucket boundaries to avoid high cardinality. (#8569)
Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>
Co-authored-by: shuting <shuting@nirmata.com>
|
2023-10-12 09:50:27 +00:00 |
|
shuting
|
360bcc83ee
|
Revert "chore: bump cleanup policies to v2beta1 (#8594)" (#8609)
This reverts commit fff3ad047e.
|
2023-10-09 15:01:24 +00:00 |
|
Mariam Fahmy
|
fff3ad047e
|
chore: bump cleanup policies to v2beta1 (#8594)
* chore: bump cleanup policies to v2beta1
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* chore: remove the support of v2alpha1 cleanup policies
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-10-09 19:37:15 +08:00 |
|
Mariam Fahmy
|
cd986849d5
|
fix: use v2beta1 of policy exceptions (#8587)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-10-09 15:27:25 +08:00 |
|
Mariam Fahmy
|
b80963374f
|
chore: enable policy exceptions by default (#8545)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-09-27 17:40:13 +00:00 |
|
Charles-Edouard Brétéché
|
3ae4c50440
|
fix: remove cronjobs from cleanup controller rbac (#8529)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-09-26 14:13:11 +00:00 |
|
Mariam Fahmy
|
7add300ffa
|
feat: remove the creation of cronjobs in cleanup controller (#8526)
* feat: remove the creation of cronjobs in cleanup controller
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: use lastExecutionTime instead of nextExecutionTime
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-09-26 12:02:17 +02:00 |
|
Mariam Fahmy
|
7db8800b87
|
chore: move policy exceptions to beta (#8378)
* chore: move policy exceptions to beta
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix kuttl test
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: keep v2alpha1 as the storage version
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: avoid using type aliases
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-09-14 14:23:51 +00:00 |
|
Mariam Fahmy
|
8732183cc6
|
feat: generate backgroundscan reports for validating admission policies (#8135)
* feat: generate backgroundscan reports for validating admission policies
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: skip validate check images if errors are encourted when validating the resource
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-09-05 11:42:17 +00:00 |
|
Vishal Choudhary
|
478d324007
|
feat: remove description from deprecated fields (#8186)
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
|
2023-08-31 22:23:44 +00:00 |
|
Mariam Fahmy
|
c583b64120
|
feat: generate validating admission policies and their bindings from Kyverno policies (#7840)
* feat: generate validating admission policies and their bindings from Kyverno policies
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: add generate VAPs feature flag
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: use container flags instead of feature flags
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: limit VAP generation to cluster policies
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: add policy checks for generating VAPs
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* chore: rename package
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: translate match/exclude resources in Kyverno policies to their alternatives in validating admission policies
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: add vap info in kyverno policy status
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: delete the translation of
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: add kuttl tests
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: add generateValidatingAdmissionPolicy feature flag in the helm chart
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* chore: update codegen
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* feat: add validating admission policy kuttl tests in the workflow
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: check K8s server version
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix lint issue
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: remove the kind config of VAPs
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
---------
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
|
2023-08-31 10:25:21 +00:00 |
|
Vishal Choudhary
|
62634af6aa
|
feat: migrate ignoreSCT from rekor to ctlog (#8166)
* feat: migrate ignoreSCT from rekor to ctlog
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
* fix: update tests for new crd
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
---------
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-08-30 08:39:49 +02:00 |
|
Charles-Edouard Brétéché
|
0f9fe30c08
|
feat: allow overriding ca and tls secret names (#8137)
* feat: allow overriding ca and tls secret names
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---------
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-08-28 14:05:49 +00:00 |
|
Charles-Edouard Brétéché
|
ba2a787434
|
fix: conditions v2beta1 help (#8115)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-08-25 08:49:24 +00:00 |
|
Mariam Fahmy
|
10172ae8e0
|
feat: support variables for CEL in Kyverno policies (#8103)
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
|
2023-08-24 10:00:27 +00:00 |
|