b10947b975
* support k8s 1.22, update admissionregistration.k8s.io/v1beta1 to admissionregistration.k8s.io/v1 Signed-off-by: ShutingZhao <shutting06@gmail.com> * - add failurePolicy to policy spec; - fix typo Signed-off-by: ShutingZhao <shutting06@gmail.com> * - add schema validation for failurePolicy; - add a printer column Signed-off-by: ShutingZhao <shutting06@gmail.com> * set default failure policy to fail if not defined Signed-off-by: ShutingZhao <shutting06@gmail.com> * resolve conflicts Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix missing type for printerColumn Signed-off-by: ShutingZhao <shutting06@gmail.com> * refactor policy controller Signed-off-by: ShutingZhao <shutting06@gmail.com> * add webhook config manager Signed-off-by: ShutingZhao <shutting06@gmail.com> * - build webhook objects per policy update; - add fail webhook to default webhook configurations Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix panic on policy update Signed-off-by: ShutingZhao <shutting06@gmail.com> * build default webhook: match empty if autoUpdateWebhooks is enabled, otherwise match all Signed-off-by: ShutingZhao <shutting06@gmail.com> * - set default webhook configs rule to empty; - handle policy deletion Signed-off-by: ShutingZhao <shutting06@gmail.com> * reset webhook config if policies with a specific failurePolicy are cleaned up Signed-off-by: ShutingZhao <shutting06@gmail.com> * handle wildcard pocliy Signed-off-by: ShutingZhao <shutting06@gmail.com> * update default webhook timeout to 10s Signed-off-by: ShutingZhao <shutting06@gmail.com> * cleanups Signed-off-by: ShutingZhao <shutting06@gmail.com> * added webhook informer to re-create it immediately if missing Signed-off-by: ShutingZhao <shutting06@gmail.com> * update tag webhookTimeoutSeconds description Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix e2e tests Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix linter issue Signed-off-by: ShutingZhao <shutting06@gmail.com> * correct metric endpoint Signed-off-by: ShutingZhao <shutting06@gmail.com> * add pol.generate.kind to webhooks Signed-off-by: ShutingZhao <shutting06@gmail.com> |
||
|---|---|---|
| .github | ||
| api | ||
| charts | ||
| cmd | ||
| definitions | ||
| docs | ||
| img | ||
| litmuschaos | ||
| pkg | ||
| scripts | ||
| test | ||
| .codeclimate.yml | ||
| .directory | ||
| .gitignore | ||
| .golangci.yml | ||
| .goreleaser.yml | ||
| .krew.yaml | ||
| ADOPTERS.md | ||
| CHANGELOG.md | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| go.mod | ||
| go.sum | ||
| LICENSE | ||
| Makefile | ||
| OWNERS.md | ||
| README.md | ||
| SECURITY.md | ||
Kyverno 
Kubernetes Native Policy Management 🎉
Kyverno is a policy engine designed for Kubernetes. It can validate, mutate, and generate configurations using admission controls and background scans. Kyverno policies are Kubernetes resources and do not require learning a new language. Kyverno is designed to work nicely with tools you already use like kubectl, kustomize, and Git.
Contributors
Made with contributors-img.
📙 Documentation
Kyverno installation and reference documents are available at: kyverno.io.
🙋♂️ Getting Help
We are here to help!
👉 For feature requests and bugs, file an issue.
👉 For discussions or questions, join the slack channel k8s.slack.io/#kyverno.
👉 For community meeting access join the mailing list.
👉 To get updates ⭐️ star this repository.
➕ Contributing
Thanks for your interest in contributing to Kyverno! Here are some steps to help get you started:
✔ Read and agree to the Contribution Guidelines.
✔ Browse through the GitHub discussions.
✔ Read Kyverno design and development details on the GitHub Wiki.
✔ Check out the good first issue list. Add a comment with /assign to request assignment of the issue.
✔ Checkout out the Kyverno Community page for other ways to get involved.