kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-11 02:16:53 +00:00

History

Vishal Choudhary e9e44291bf Support for Cosign 2.0 (#7248 ) * cosign 2.0 version upgrade Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * IgnoreTlog and IgnoreSCT updated Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * removed cli packages Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * lazy evaluate vars in conditions (#7238) * lazy evaluate vars in conditions Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove unnecessary conversion Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test Signed-off-by: Jim Bugwadia <jim@nirmata.com> * Update test/conformance/kuttl/validate/clusterpolicy/standard/variables/lazyload/conditions/03-manifests.yaml Signed-off-by: shuting <shutting06@gmail.com> * Update test/conformance/kuttl/validate/clusterpolicy/standard/variables/lazyload/README.md Signed-off-by: shuting <shutting06@gmail.com> * added error check in test Signed-off-by: Jim Bugwadia <jim@nirmata.com> --------- Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: shuting <shutting06@gmail.com> Co-authored-by: shuting <shutting06@gmail.com> Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * in-toto-golang update Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * added rekor Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * quote image in error (#7259) Signed-off-by: bakito <github@bakito.ch> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: auto update webhooks not configuring fail endpoint (#7261) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix latest version check (#7263) Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump svenstaro/upload-release-action from 2.5.0 to 2.6.0 (#7270) Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action) from 2.5.0 to 2.6.0. - [Release notes](https://github.com/svenstaro/upload-release-action/releases) - [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md) - [Commits](`7319e4733e...58d5258088`) --- updated-dependencies: - dependency-name: svenstaro/upload-release-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump sigs.k8s.io/controller-runtime from 0.14.6 to 0.15.0 (#7272) Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.14.6 to 0.15.0. - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md) - [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.14.6...v0.15.0) --- updated-dependencies: - dependency-name: sigs.k8s.io/controller-runtime dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: add yaml util to check empty document (#7276) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.6.1 to 5.7.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.6.1 to 5.7.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.6.1 to 5.7.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * go mod update Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * removed cosign 1.13.1 dependency Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * added default rekor url Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * updated cosign option Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.6.1 to 5.7.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * go mod update Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * go sum fix Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * NIT Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix failing test: Test_VerifyManifest_MustAll_InvalidYAML Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * suggestions from jim Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * go mod fix Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * updates to cosign verification Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * kuttl test ignore sct Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * go mod fixes Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * go mod update Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * downgrading gcr version Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * null pointer error Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * updated failing cli tests Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * updated kuttl test with complete subjects Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fixed issue with wildcard replacement Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * engine tests Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * removed conflicts with notary Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * updated go mod Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * codegen and test Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * added pubkeys test Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * add default CTLogPubKeys Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * cleanup Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * unwanted test Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: auth checks with the APIVersion and the subresource (#7628) * fix auth checks with apiVersion and subresource Signed-off-by: ShutingZhao <shuting@nirmata.com> * add kuttl tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * remove duplicate code Signed-off-by: ShutingZhao <shuting@nirmata.com> * update permissions Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: harden rbac permissions (#7638) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#7664) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.5 to 3.1.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](`dd6b2e2b61...d13028333d`) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 (#7663) Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.3 to 2.2.0. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](`80e868c13c...08b4669551`) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Chore] bump notation-go from 1.0.0-rc.3 -> 1.0.0-rc.6 (#7650) * Bump notation-go from 1.0.0-rc.3 -> 1.0.0-rc.6 Signed-off-by: webstradev <e.s.westra.95@gmail.com> * fixed tests Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * added tests for repository Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: webstradev <e.s.westra.95@gmail.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Co-authored-by: webstradev <e.s.westra.95@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> * fix: vscode debug config (#7653) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: pr updater workflow (#7665) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: add specific loaders from #7597 (#7671) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: add cluster select and relabling config for ServiceMonitors (#7659) * feat: add cluster select and relabling config for ServiceMonitors Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com> * feat: add cluster select and relabling config for ServiceMonitors Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com> --------- Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com> * fix: cleanup controller context from #7597 (#7672) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: cleanup controller rbac (#7669) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: migrate context loaders (part 1) from #7597 (#7676) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: migrate context loaders (part 2) from #7597 (#7677) * refactor: migrate context loaders (part 1) from #7597 Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: migrate context loaders (part 2) from #7597 Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: add lazy loading feature flag (#7680) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: image verification (#7652) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * Fix deferred loading (#7597) * handle nested contexts Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add feature flag Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add kuttl tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix CLI regclient Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix: token permissions on report vulns workflow (#7611) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: token permissions (#7619) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: update the flag descriptions of the reports-controller (#7617) Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com> * fix: panic if env var not defined (#7613) * fix: panic if env var not defined Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * use toggles instead of a flag Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update toggle name Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update toggle name Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix roles Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix role Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update manifests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove extra unlock Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix loader reset Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * propagate context Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * cm resolver Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * level management Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * address review comments Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add enableDeferredLoading to other controllers Signed-off-by: Jim Bugwadia <jim@nirmata.com> * re-enable ACR credhelper Signed-off-by: Jim Bugwadia <jim@nirmata.com> * improve tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove image registry client init Signed-off-by: Jim Bugwadia <jim@nirmata.com> * check for invalid reset/restore Signed-off-by: Jim Bugwadia <jim@nirmata.com> * recursive kuttl test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * add pre/post queries Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add check for a recursive match Signed-off-by: Jim Bugwadia <jim@nirmata.com> * new test suite Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * eval loaders at creation level Signed-off-by: Jim Bugwadia <jim@nirmata.com> * kuttl test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * add an index for resolving deps in order Signed-off-by: Jim Bugwadia <jim@nirmata.com> * improve comment Signed-off-by: Jim Bugwadia <jim@nirmata.com> * extract remove method Signed-off-by: Jim Bugwadia <jim@nirmata.com> * merge main Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * flags Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feature flag Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix flag Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * update unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * two rules kuttl test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * update unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * revert Signed-off-by: ShutingZhao <shuting@nirmata.com> * per rule checkpoint Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix mutate chained rules Signed-off-by: ShutingZhao <shuting@nirmata.com> * per rule checpoint/restore Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * log error Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Emmanuel Ferdman <emmanuelferdman@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> * fix: factorise confimap informer code (#7667) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * chore(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#7689) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.1.0 to 3.1.1. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](`d13028333d...6e04d228eb`) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: Swap any/all in the error message. (#7688) Signed-off-by: JaeHeung Han <hylowaker@users.noreply.github.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: add background only policy support (#6666) * feat: add background only policy support Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * webhook Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * validation Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * kuttl Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * all disabled Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: pr updater workflow (#7697) * fix: pr updater workflow Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * Update .github/workflows/pr-update.yaml Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * fix: customizable tracer configuration (#7644) * fix: customizable tracer configuration Signed-off-by: Daniel Laszlo <laszlodaniel@icloud.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * fix: harden rbac permissions (#7638) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * chore(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#7664) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.5 to 3.1.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](`dd6b2e2b61...d13028333d`) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * chore(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 (#7663) Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.3 to 2.2.0. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](`80e868c13c...08b4669551`) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * use resource.New instead of Merge Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * fix tabs Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * [Chore] bump notation-go from 1.0.0-rc.3 -> 1.0.0-rc.6 (#7650) * Bump notation-go from 1.0.0-rc.3 -> 1.0.0-rc.6 Signed-off-by: webstradev <e.s.westra.95@gmail.com> * fixed tests Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * added tests for repository Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: webstradev <e.s.westra.95@gmail.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Co-authored-by: webstradev <e.s.westra.95@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * fix: vscode debug config (#7653) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * fix: pr updater workflow (#7665) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * refactor: add specific loaders from #7597 (#7671) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * feat: add cluster select and relabling config for ServiceMonitors (#7659) * feat: add cluster select and relabling config for ServiceMonitors Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com> * feat: add cluster select and relabling config for ServiceMonitors Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com> --------- Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * fix: cleanup controller context from #7597 (#7672) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * fix: cleanup controller rbac (#7669) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * refactor: migrate context loaders (part 1) from #7597 (#7676) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * refactor: migrate context loaders (part 2) from #7597 (#7677) * refactor: migrate context loaders (part 1) from #7597 Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: migrate context loaders (part 2) from #7597 Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * feat: add lazy loading feature flag (#7680) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * fix: image verification (#7652) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * Fix deferred loading (#7597) * handle nested contexts Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add feature flag Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add kuttl tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix CLI regclient Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix: token permissions on report vulns workflow (#7611) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: token permissions (#7619) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: update the flag descriptions of the reports-controller (#7617) Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com> * fix: panic if env var not defined (#7613) * fix: panic if env var not defined Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * use toggles instead of a flag Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update toggle name Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update toggle name Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix roles Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix role Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update manifests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove extra unlock Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix loader reset Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * propagate context Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * cm resolver Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * level management Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * address review comments Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add enableDeferredLoading to other controllers Signed-off-by: Jim Bugwadia <jim@nirmata.com> * re-enable ACR credhelper Signed-off-by: Jim Bugwadia <jim@nirmata.com> * improve tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove image registry client init Signed-off-by: Jim Bugwadia <jim@nirmata.com> * check for invalid reset/restore Signed-off-by: Jim Bugwadia <jim@nirmata.com> * recursive kuttl test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * add pre/post queries Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add check for a recursive match Signed-off-by: Jim Bugwadia <jim@nirmata.com> * new test suite Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * eval loaders at creation level Signed-off-by: Jim Bugwadia <jim@nirmata.com> * kuttl test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * add an index for resolving deps in order Signed-off-by: Jim Bugwadia <jim@nirmata.com> * improve comment Signed-off-by: Jim Bugwadia <jim@nirmata.com> * extract remove method Signed-off-by: Jim Bugwadia <jim@nirmata.com> * merge main Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * flags Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feature flag Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix flag Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * update unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * two rules kuttl test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * update unit tests Signed-off-by: ShutingZhao <shuting@nirmata.com> * revert Signed-off-by: ShutingZhao <shuting@nirmata.com> * per rule checkpoint Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix mutate chained rules Signed-off-by: ShutingZhao <shuting@nirmata.com> * per rule checpoint/restore Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * log error Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Emmanuel Ferdman <emmanuelferdman@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * fix: factorise confimap informer code (#7667) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * chore(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#7689) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.1.0 to 3.1.1. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](`d13028333d...6e04d228eb`) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> * Update pkg/tracing/config.go Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Daniel Laszlo <laszlodaniel@icloud.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: webstradev <e.s.westra.95@gmail.com> Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Co-authored-by: webstradev <e.s.westra.95@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Frank Jogeleit <frank.jogeleit@lovoo.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Emmanuel Ferdman <emmanuelferdman@gmail.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * fix: lock schema manager when updating it (#7704) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * test: add kuttl tests for background only policies (#7709) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * Feat: Upgrade controller-gen to v0.12.0 and fix tooling (#7683) * Upgrade controller-gen and fix tooling Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org> * Address comments Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org> * Add a marker in the sed command Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org> * Upgrade to the latest version and rearrange the annotations Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org> * Fix failing Verify Codegen tests Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org> * Remove unnecessary file Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org> * Restore original version in test folder Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org> * Add creationTimestamp: null again in the test folder Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org> --------- Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org> Co-authored-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: release signing (#7711) (#7713) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore: use github token instead of pat (#7716) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: reduce token permissions (#7719) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: reduce token permissions (#7721) * fix: reduce token permissions Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: reduce token permissions Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: make `test --fail-only` return 1 if there are failed tests (#7717) Signed-off-by: Carles Figuerola <cfiguerola@expediagroup.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * remove redundant tests (#7702) Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: use gh token instead of pat (#7723) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: remove obsolete scripts (#7720) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: reduce token permission (#7729) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: use github token instead of pat (#7727) * fix: remove jmespath replace directive Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: use github token instead of pat Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: use golang builtin version management (#7654) * fix: use golang builtin version management Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: template for user setup in kuttl (#7731) Signed-off-by: Alok N <alokme123@gmail.com> * feat: Add option to add imagePullSecrets to cleanup CronJobs (#7730) * Add option to add imagePullSecrets to cleanup CronJobs Signed-off-by: Alexander Olzem <olzemal@pm.me> * Update chart README Signed-off-by: Alexander Olzem <olzemal@pm.me> --------- Signed-off-by: Alexander Olzem <olzemal@pm.me> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: typo in check cmd (#7733) Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com> * fix: nits in cli flags (#7736) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore: bump ko version (#7738) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore: bump kind node versions (#7737) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: refactor cli values loading and remove dead code (#7739) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * [Feature] round() JMESPath function (#7489) * adding roundoff Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com> * removing unnecessary Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com> * adding test Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com> * adding edge case Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com> * fixing error Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com> * updating function call Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com> * updating function jpRound Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com> * error handling negative Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com> * fix Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com> * fix linter Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * parsing Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * cleanup Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore(deps): bump ubuntu from `6120be6` to `0bced47` in /.devcontainer (#7744) Bumps ubuntu from `6120be6` to `0bced47`. --- updated-dependencies: - dependency-name: ubuntu dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: improve cli apply args check (#7746) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: remove cli dead code (#7748) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * Replaced gcr crane with gcr remote (#7747) * fix: oras-go/v2 version in go.sum Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * refactor: move kyverno constants out of v1 package (#7760) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore: use register-gen to register k8s types (#7761) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore(deps): bump fluxcd/flux2 from 0.41.2 to 2.0.0 (#7764) Bumps [fluxcd/flux2](https://github.com/fluxcd/flux2) from 0.41.2 to 2.0.0. - [Release notes](https://github.com/fluxcd/flux2/releases) - [Changelog](https://github.com/fluxcd/flux2/blob/main/.goreleaser.yml) - [Commits](`dbda8fbdb8...9ea0a535ea`) --- updated-dependencies: - dependency-name: fluxcd/flux2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore: introduce defaulters-gen (#7765) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: add table output to cli apply command (#7757) * feat: add table output to cli apply command Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * factorise Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com> * chore: bump cosign in gh workflows (#7715) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore: switch to deepcopy-gen (#7766) * chore: switch to deepcopy-gen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore: increase linter timeout (#7767) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * undo: revert back to cosign 2.0.2 cosign 2.1.1 has dependency conflicts with oras Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * remove markers Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore: remove 0_14 version of gcr k8s-sigstore-manifest got a new version so we can finally upgrade gcr to v0.15 Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * add: add logging to tlogs and sct Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * undo: remove registryOpts in favor of registry client opts added the missing parts from registryOptions in registry client opts Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore: add generated files Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore: clean go mod Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: remove bad logs Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * bug: fix go mod Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: update kubebuilder version in crds Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * update: rollback policy to ignore tlog Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore: update codegen Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: shuting <shutting06@gmail.com> Signed-off-by: bakito <github@bakito.ch> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: webstradev <e.s.westra.95@gmail.com> Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com> Signed-off-by: emmanuel-ferdman <emmanuelferdman@gmail.com> Signed-off-by: JaeHeung Han <hylowaker@users.noreply.github.com> Signed-off-by: Daniel Laszlo <laszlodaniel@icloud.com> Signed-off-by: Daniel Laszlo <daniel.laszlo@bitpanda.com> Signed-off-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org> Signed-off-by: Carles Figuerola <cfiguerola@expediagroup.com> Signed-off-by: Alok N <alokme123@gmail.com> Signed-off-by: Alexander Olzem <olzemal@pm.me> Signed-off-by: Rexbeast2 <ssukhveer514@gmail.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: shuting <shutting06@gmail.com> Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com> Co-authored-by: Marc Brugger <github@bakito.ch> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: webstradev <e.s.westra.95@gmail.com> Co-authored-by: Frank Jogeleit <frank.jogeleit@lovoo.com> Co-authored-by: Emmanuel Ferdman <emmanuelferdman@gmail.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: JaeHeung Han <hylowaker@users.noreply.github.com> Co-authored-by: Daniel Laszlo <laszlodaniel@icloud.com> Co-authored-by: Md Shahbaz Alam <shahbazalam75508@gmail.com> Co-authored-by: shahbaz <shahbaz@shahbaz.myguest.virtualbox.org> Co-authored-by: Carles-Figuerola <carles@figuerola.info> Co-authored-by: Alok Naushad <alokme123@gmail.com> Co-authored-by: Alex Olzem <olzemal@gmail.com> Co-authored-by: SukhveerS <78963782+Rexbeast2@users.noreply.github.com>		2023-08-15 14:25:55 +00:00
..
01-policy.yaml	test: add kuttl tests for manifests verification (#6701 )	2023-03-27 12:19:19 -04:00
02-resources.yaml	test: add kuttl test for bad manifest signatures (#6719 )	2023-03-29 12:09:22 +00:00
policy-assert.yaml	test: add kuttl tests for manifests verification (#6701 )	2023-03-27 12:19:19 -04:00
policy.yaml	Support for Cosign 2.0 (#7248 )	2023-08-15 14:25:55 +00:00
README.md	test: add kuttl tests for manifests verification (#6701 )	2023-03-27 12:19:19 -04:00
resource-bad-signatures.yaml	test: add kuttl test for bad manifest signatures (#6719 )	2023-03-29 12:09:22 +00:00
resource-no-signature.yaml	test: add kuttl tests for manifests verification (#6701 )	2023-03-27 12:19:19 -04:00
resource-one-signature.yaml	test: add kuttl tests for manifests verification (#6701 )	2023-03-27 12:19:19 -04:00
resource-two-signatures.yaml	test: add kuttl tests for manifests verification (#6701 )	2023-03-27 12:19:19 -04:00

README.md

Description

This test creates a policy to verify manifests signatures. The policy specifies that two signatures are expected to be valid.

Expected Behavior

Resource with no signature should be rejected. Resource with one signature should be rejected. Resource with two signatures should be accepted.