mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-05 23:46:56 +00:00
838d02c475
* - support wildcards for namespaces * do not annotate resource, unless policy is an autogen policy * close HTTP body * improve messages * remove policy store Policy store was not fully implemented and simply provided a way to list all polices and get a policy by name, which can be done via standard client-go interfaces. We need to revisit and design a better PolicyStore that provides fast lookups for matching policies based on names, namespaces, etc. * handle wildcard namespaces in background processing * fix unit tests 1) remove platform dependent path usage 2) remove policy store * add test case for mutate with wildcard namespaces |
||
|---|---|---|
| .. | ||
| CM.yaml | ||
| deny_runasrootuser.yaml | ||
| disallow_automountingapicred.yaml | ||
| disallow_default_namespace.yaml | ||
| disallow_docker_sock_mount.yaml | ||
| disallow_helm_tiller.yaml | ||
| disallow_host_filesystem.yaml | ||
| disallow_host_filesystem_pass.yaml | ||
| disallow_host_network_hostport.yaml | ||
| disallow_hostpid_hostipc.yaml | ||
| disallow_new_capabilities.yaml | ||
| disallow_node_port.yaml | ||
| disallow_privileged.yaml | ||
| ingress-haproxy.yaml | ||
| ingress-nginx.yaml | ||
| pod-with-default-volume.yaml | ||
| pod-with-emptydir.yaml | ||
| pod-with-hostpath.yaml | ||
| pod_with_latest_tag.yaml | ||
| pod_with_version_tag.yaml | ||
| require_default_network_policy.yaml | ||
| require_image_tag_not_latest_notag.yaml | ||
| require_image_tag_not_latest_pass.yaml | ||
| require_namespace_quota.yaml | ||
| require_pod_requests_limits.yaml | ||
| require_probes.yaml | ||
| require_readonly_rootfilesystem.yaml | ||
| resource_default_namespace.yaml | ||
| resource_generate_networkPolicy.yaml | ||
| resource_mutate_endpoint.yaml | ||
| resource_mutate_imagePullPolicy.yaml | ||
| resource_mutate_pod_spec.yaml | ||
| resource_mutate_validate_qos.yaml | ||
| resource_validate_container_capabilities.yaml | ||
| resource_validate_container_disallow_priviledgedprivelegesecalation.yaml | ||
| resource_validate_containerSecurityContext.yaml | ||
| resource_validate_default_proc_mount.yaml | ||
| resource_validate_disallow_default_serviceaccount.yaml | ||
| resource_validate_fsgroup.yaml | ||
| resource_validate_healthChecks.yaml | ||
| resource_validate_image_pullpolicy_notalways_deny.yaml | ||
| resource_validate_image_pullpolicy_notalways_pass.yaml | ||
| resource_validate_imageRegistries.yaml | ||
| resource_validate_nonRootUser.yaml | ||
| resource_validate_selinux_context.yaml | ||
| resource_validate_sysctl_configs.yaml | ||
| resource_validate_volume_whitelist.yaml | ||
| trusted_image_registries.yaml | ||