mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00

History

Ammar Yasser 9a8e35d787 Selector with mutate target (#11208 ) * feature: Add LabelSelector as a field of resource spec to allow fetching by labels Signed-off-by: aerosouund <aerosound161@gmail.com> * chore: Generate CRDs Signed-off-by: aerosouund <aerosound161@gmail.com> * feat: Add the capability to fetch with label selector - Add the label selector as a parameter to GetResources of the engine api client and the dclient. - Use the label selector with list options in the dclient. - convert a metav1.LabelSelector to a labels.Selector before fetching to be able to convert it to a string to be used with ListOptions. Signed-off-by: aerosouund <aerosound161@gmail.com> * feat: Pass label selector to the GetResources method Signed-off-by: aerosouund <aerosound161@gmail.com> * feat: Return the resource selector when resolving spec Signed-off-by: aerosouund <aerosound161@gmail.com> * fix: Instantiate the fake client schema using the passed gvrToListKind map and by inferring schema from passed resources All tests that use List will fail because the fake client doesn't infer the schema from the passed resources. gvrToListKind can't be fully deprecated as some parts of kyverno use the fake client without passing resources to it (resource generation). And so both approaches have to be supported. References: - https://github.com/kubernetes/client-go/issues/983 - `46c1ad3baa` Signed-off-by: aerosouund <aerosound161@gmail.com> * test: Add labelSelector unit test to mutate existing test. - Remove the unwanted call to GetResource. - Pass an empty map of GVR to string to the fake client constructor. Signed-off-by: aerosouund <aerosound161@gmail.com> * test: Add chainsaw test Signed-off-by: aerosouund <aerosound161@gmail.com> * chore: Run codegen Signed-off-by: aerosouund <aerosound161@gmail.com> * chore: Generate helm CRDs Signed-off-by: aerosouund <aerosound161@gmail.com> * refactor: Put the LabelSelector in a separate struct Many types use the ResourceSpec struct and not all of them support label selectors. This removes the field into a separate schema dedicated to target selection called TargetSelector. It has the ResourceSpec and the selector. Signed-off-by: aerosouund <aerosound161@gmail.com> * chore: Run codegen after modifying selector comment Signed-off-by: aerosouund <aerosound161@gmail.com> * chore: Run codegen Signed-off-by: aerosouund <aerosound161@gmail.com> --------- Signed-off-by: aerosouund <aerosound161@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>		2024-10-16 11:17:08 +00:00
..
_testdata	fix: policy report generation for namespaced policies in CLI (#10923 )	2024-09-10 12:50:53 +00:00
apis	chore: Add a new field in the test results CRD to specify patched resources (#11297 )	2024-10-08 19:41:40 +08:00
command	refactor: move utils cobra to command package (#8291 )	2023-09-06 14:44:50 +00:00
commands	refactor: move autogen v1 and v2 packages (#11416 )	2024-10-16 08:51:38 +00:00
config/crds	chore: Add a new field in the test results CRD to specify patched resources (#11297 )	2024-10-08 19:41:40 +08:00
data	Selector with mutate target (#11208 )	2024-10-16 11:17:08 +00:00
deprecations	feat: add deprecation warnings in the CLI (#9222 )	2023-12-20 12:45:26 +00:00
exception	chore: use v2 clients for policy exceptions (#10530 )	2024-06-24 16:36:55 +00:00
experimental	feat: bump to k8s 1.31 (#10938 )	2024-08-28 17:09:58 +00:00
fix	feat(json): unmarshal at decode time (#10700 )	2024-08-05 15:46:50 +03:00
log	[Bug] [CLI] Level parameter of the apply and test commands does not work (#10216 )	2024-05-15 13:57:17 +00:00
output	feat(perf): add new linter `prealloc` to enforce slice declarations best practice (#10250 )	2024-05-20 14:46:35 +05:30
path	feat(perf): add new linter `prealloc` to enforce slice declarations best practice (#10250 )	2024-05-20 14:46:35 +05:30
policy	chore: remove v1alpha1 of VAPs and use v1beta1 (#10955 )	2024-08-29 15:31:25 +00:00
processor	refactor: move autogen v1 and v2 packages (#11416 )	2024-10-16 08:51:38 +00:00
report	fix: policy report generation for namespaced policies in CLI (#10923 )	2024-09-10 12:50:53 +00:00
resource	feat: update engine response.generatedResources to support multiple resource (#11398 )	2024-10-15 14:59:18 +08:00
source	refactor: cli policy package (#8279 )	2023-09-05 23:01:31 +00:00
store	refactor: make CLI store non static (#9200 )	2023-12-19 22:45:53 +08:00
test	chore: bump cosign to v2.2.1 (#8855 )	2023-11-09 12:22:35 +00:00
userinfo	feat: bump update request api version (#10508 )	2024-06-20 09:44:43 +00:00
utils/common	refactor: move autogen v1 and v2 packages (#11416 )	2024-10-16 08:51:38 +00:00
values	feat: add cli api schemas (#8422 )	2023-09-17 23:50:17 +03:00
variables	feat: add deprecation warnings in the CLI (#9222 )	2023-12-20 12:45:26 +00:00
main.go	[Bug] [CLI] Restore warn-exit-code functionality for apply command (#9828 )	2024-02-29 13:08:21 +00:00
README.md	[DOC] fixed typo and broken links (#8954 )	2023-11-19 13:49:10 +00:00

README.md

kubectl-kyverno

This repository contains Kyverno CLI source code.

The CLI can be used as a standalone tool or as a kubectl plugin.

📙 Documentation

👉 Installation

👉 Reference docs

🔧 GitHub Action

You can install the Kyverno CLI in your GitHub workflows easily using the kyverno-cli-installer GitHub action.

Check the documentation in the GitHub repository or GitHub marketplace.

🙋‍♂️ Help

Use kyverno --help to list supported commands and their corresponding flags:

To enable experimental commands, KYVERNO_EXPERIMENTAL should be configured with true or 1.

Usage:
  kyverno [command]

Available Commands:
  apply       Applies policies on resources.
  completion  Generate the autocompletion script for the specified shell
  create      Provides a command-line interface to help with the creation of various Kyverno resources.
  docs        Generates documentation.
  help        Help about any command
  jp          Provides a command-line interface to JMESPath, enhanced with Kyverno specific custom functions.
  test        Run tests from directory.
  version     Shows current version of kyverno.

Flags:
      --add_dir_header                   If true, adds the file directory to the header of the log messages
      --alsologtostderr                  log to standard error as well as files (no effect when -logtostderr=true)
  -h, --help                             help for kyverno
      --log_backtrace_at traceLocation   when logging hits line file:N, emit a stack trace (default :0)
      --log_dir string                   If non-empty, write log files in this directory (no effect when -logtostderr=true)
      --log_file string                  If non-empty, use this log file (no effect when -logtostderr=true)
      --log_file_max_size uint           Defines the maximum size a log file can grow to (no effect when -logtostderr=true). Unit is megabytes. If the value is 0, the maximum file size is unlimited. (default 1800)
      --logtostderr                      log to standard error instead of files (default true)
      --one_output                       If true, only write logs to their native severity level (vs also writing to each lower severity level; no effect when -logtostderr=true)
      --skip_headers                     If true, avoid header prefixes in the log messages
      --skip_log_headers                 If true, avoid headers when opening log files (no effect when -logtostderr=true)
      --stderrthreshold severity         logs at or above this threshold go to stderr when writing to files and stderr (no effect when -logtostderr=true or -alsologtostderr=false) (default 2)
  -v, --v Level                          number for the log level verbosity
      --vmodule moduleSpec               comma-separated list of pattern=N settings for file-filtered logging

To enable experimental commands, KYVERNO_EXPERIMENTAL should be configured with true or 1.

License

Kyverno is a Cloud Native Computing Foundation (CNCF) Incubating project and was contributed by Nirmata.