1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-05 07:26:55 +00:00
kyverno/go.mod
Vishal Choudhary 80d139bb5d
Added fetchAttestations method to notaryV2 implimentation (#6800)
* moved to oras

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* linting error fix

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added error checking

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fixed errors

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added final build

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added predicate fetching

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added checks in statements

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* removed continuous checking if predicate is found

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* renamed notaryv2 to notary

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* changed notaryv2 to notary

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* run codegen all

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* changes

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* commented cert

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added variable support to certs

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* renamed notaryV2 to notary

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* deprecated predicate types

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* disallow keys and keyless under attestors if type is set to notary

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* gcr crane implementation init

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added changes

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* types

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* using remote puller and pusher

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* implemented notation repository interface

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updated notary implementation and fixed errors

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* removed oras

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* kuttl test init

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added image verify test

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* check image attestation notary

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added readme

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added tests for extract statements

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: remove status from policy webhooks (#6939)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: split chart values in readme per component (#6936)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>

* fix: incorrect json patch validation (#6941)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: add verbosity level in helm chart values (#6940)

* feat: add verbosity level in helm chart values

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* codegen

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: match on ephemeral containers (#6963)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: refine event permissions in default roles (#6957)

* remove the event delete permission

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add '- events.k8s.io/v1'

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* Add kuttl test for ephemeral containers (#6966)

* Move Sam to Emeritus status

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* add kuttl test for ephemeral containers

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

---------

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* refactor: restructure cli test command (#6942)

* refactor: restructure cli test command

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: add credential helpers flags (#6974)

* feat: add credential helpers flags

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump aquasecurity/trivy-action from 0.9.2 to 0.10.0 (#6976)

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.9.2 to 0.10.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](1f0aa582c8...e5f43133f6)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Support for Context vars in cleanup (#6084)

* Added Context in CleanupPolicySpec

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added context.go file with loadVariable()

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added loadAPIData() in context.go and called from handlers.go

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added conditionals for not supported context variables

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Reverted versions in CRDs

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Reverted CRDs to v0.11.1

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Imported fmt in handlers.go

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added Context in CleanupPolicySpec

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added context.go file with loadVariable()

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added loadAPIData() in context.go and called from handlers.go

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added conditionals for not supported context variables

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Reverted versions in CRDs

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Reverted CRDs to v0.11.1

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Imported fmt in handlers.go

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Removed duplicate import

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* make verify-codegen

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Updated kuttl test

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Fixed kuttl failure

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* moved policy check to validation

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Reused functions

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added kuttl test

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added more configMap

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* removed unecessary check

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* auto codegen

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* updated codegen

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Renamed ApplyJMESPath() to applyJMESPath()

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

---------

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump actions/setup-python from 4.5.0 to 4.6.0 (#6981)

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](d27e3f3d7c...57ded4d7d5)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump codecov/codecov-action from 3.1.2 to 3.1.3 (#6982)

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](40a12dcee2...894ff025c7)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix background variables validation (#6978)

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: restrict default permissions (#6972)

* restrict admission permissions

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* restrict background  permissions

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update install.yaml

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* kuttl README (#6984)

* Added Context in CleanupPolicySpec

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added context.go file with loadVariable()

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added loadAPIData() in context.go and called from handlers.go

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added conditionals for not supported context variables

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Reverted versions in CRDs

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Reverted CRDs to v0.11.1

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Imported fmt in handlers.go

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added Context in CleanupPolicySpec

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added context.go file with loadVariable()

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added loadAPIData() in context.go and called from handlers.go

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added conditionals for not supported context variables

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Reverted versions in CRDs

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Reverted CRDs to v0.11.1

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Imported fmt in handlers.go

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Removed duplicate import

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* make verify-codegen

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Updated kuttl test

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Fixed kuttl failure

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* moved policy check to validation

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Reused functions

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added kuttl test

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added more configMap

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* removed unecessary check

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* auto codegen

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* updated codegen

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Renamed ApplyJMESPath() to applyJMESPath()

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

* Added Readme in context-cleanup-pod

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>

---------

Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump github/codeql-action from 2.2.12 to 2.3.0 (#6989)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.12 to 2.3.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](7df0ce3489...b2c19fb9a2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/notaryproject/notation-core-go (#6987)

Bumps [github.com/notaryproject/notation-core-go](https://github.com/notaryproject/notation-core-go) from 1.0.0-rc.2 to 1.0.0-rc.3.
- [Release notes](https://github.com/notaryproject/notation-core-go/releases)
- [Commits](https://github.com/notaryproject/notation-core-go/compare/v1.0.0-rc.2...v1.0.0-rc.3)

---
updated-dependencies:
- dependency-name: github.com/notaryproject/notation-core-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat: new access checks for background policies (#6970)

* switch to use sar for access checks

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update helm config

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix username

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update msg

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix sa name

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* update install.yaml

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: bump kind image to 1.27.1 (#6993)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: bump k8s deps to 1.27 (#6868)

* feat: bump k8s deps to 1.27

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* bump k8s 1.27.1

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>

* fix: disable autogen in foreach mutation with json patches (#6996)

* fix: disable autogen in foreach mutation with json patches

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* kuttl

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: add server ip config to cleanup controller (#6999)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: add features section in helm values (#6935)

* feat: add features section in helm values

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* configs

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* overrides

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: add reports cleanup jobs to prevent outage (#6960)

* feat: add reports cleanup jobs to prevent outage

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* security cotnext

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>

* feat: add registry credential helpers feature (#7002)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: improve instrumented clients (#7006)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: record configmap resource version to not reload when version didn't change (#7007)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump sigstore/cosign-installer from 3.0.2 to 3.0.3 (#7012)

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](9e9de2292d...204a51a57a)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add Red Hat ACM to the Adopters list (#7016)

Red Hat ACM is useful for distributed kyverno policies across a
managed fleet of clusters.  Adding to adopters file with a link that
describes details of using the ACM policy generator with Kyverno.

Signed-off-by: Gus Parvin <gparvin@redhat.com>

* fix: helm template with metricsRefreshInterval (#7019)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* add support for Kubernetes API server POST (#6948)

* allow POST for Kubernetes API calls

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add kuttl tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fmt and undo local changes

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix codegen and unit test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix unit test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* fix tests and extends docs

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* feat: update built-in resource schemas (#7014)

* feat: update built-in resource schemas

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix unit test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore: use github.com/evanphx/json-patch/v5 (#7015)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump github/codeql-action from 2.3.0 to 2.3.1 (#7025)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](b2c19fb9a2...8662eabe0e)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* add DE-CIX as adopter of kyverno (#7027)

Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>

* refactor: engine patchers (#7030)

* refactor: engine patchers

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump github/codeql-action from 2.3.1 to 2.3.2 (#7033)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.3.1 to 2.3.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](8662eabe0e...f3feb00acb)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* add Saxo Bank and Velux as adopters (#7036)

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* update development doc (#7037)

Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>

* fix: generate policy validation to prevent endless loop (#7026)

* refactor policy validation

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add loop check for generate

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add kuttl tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* linter fixes

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* linter fixes

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: remove deletionTimestamp checks (#7039)

* remove deletionTimestamp check

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* remove deletionTimestamp check

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add back source check

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* remove deletionTimestamp check

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore(deps): bump k8s.io/klog/v2 from 2.90.1 to 2.100.1 (#7055)

Bumps [k8s.io/klog/v2](https://github.com/kubernetes/klog) from 2.90.1 to 2.100.1.
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes/klog/compare/v2.90.1...v2.100.1)

---
updated-dependencies:
- dependency-name: k8s.io/klog/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: add background scan interval log (#7065)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: flaky github action (#7068)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* refactor: engine response policy (#7063)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: add opt-in setting to deploy v3 chart (#7066)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* require generate.apiVersion (#7080)

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: remove excluded groups from matching (#7083)

* fix: remove excluded groups from matching

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* feat: add config inclusions support (#7082)

* feat: add config inclusions support

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore: add makefile target for kwok (#7097)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump github/codeql-action from 2.3.2 to 2.3.3 (#7099)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](f3feb00acb...29b1f65c5e)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* validate target resource scope & namespace settings (#7098)

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: mutation code (#7095)

* fix: mutation code

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* kuttl tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* lazy loading of context vars (#7071)

* lazy loading of context vars

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* gofumpt

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add kuttl tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* [Feature] Add kuttl tests with policy exceptions disabled (#7117)

* added tests

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* removed redundant code

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* typo fix and README changes

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

---------

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* Conditions message (#7113)

* add message to conditions

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* extend tests

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* chore(deps): bump zgosalvez/github-actions-ensure-sha-pinned-actions (#7123)

Bumps [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases)
- [Commits](21991cec25...555a30da26)

---
updated-dependencies:
- dependency-name: zgosalvez/github-actions-ensure-sha-pinned-actions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>

* chore(deps): bump sigs.k8s.io/kustomize/kyaml from 0.14.1 to 0.14.2 (#7121)

Bumps [sigs.k8s.io/kustomize/kyaml](https://github.com/kubernetes-sigs/kustomize) from 0.14.1 to 0.14.2.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases)
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/kyaml/v0.14.1...kyaml/v0.14.2)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/kyaml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>

* chore(deps): bump oras.land/oras-go/v2 from 2.0.2 to 2.1.0 (#7102)

Bumps [oras.land/oras-go/v2](https://github.com/oras-project/oras-go) from 2.0.2 to 2.1.0.
- [Release notes](https://github.com/oras-project/oras-go/releases)
- [Commits](https://github.com/oras-project/oras-go/compare/v2.0.2...v2.1.0)

---
updated-dependencies:
- dependency-name: oras.land/oras-go/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>

* add condition msg to v2beta1 (#7126)

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* feat: print container flags and their values (#7127)

* add condition msg to v2beta1

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* print flags settings

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* remove the container flag genWorker from the admission controller (#7132)

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 (#7103)

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.54.0 to 1.55.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.54.0...v1.55.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* remove the duplicate entry (#7125)

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore(deps): bump sigs.k8s.io/kustomize/api from 0.13.2 to 0.13.3 (#7120)

Bumps [sigs.k8s.io/kustomize/api](https://github.com/kubernetes-sigs/kustomize) from 0.13.2 to 0.13.3.
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases)
- [Commits](https://github.com/kubernetes-sigs/kustomize/compare/api/v0.13.2...api/v0.13.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/kustomize/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>

* fixed error

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* undo mistake

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* go mod conflict fix

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* changes from review

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* NIT

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updated image

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updated checks

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fixed verifying wrong ref

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updated cert in tests

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* added warning when predicate type is used

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fix: panic for policy variable validation (#7079)

* fix panic

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* check errors

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: remove policy-reporter from dev lab (#7196)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: cleanup controller metrics name (#7198)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: http request metrics (#7197)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* remove unused code (#7203)

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* handle Deny rules where conditions eval to true (#7204)

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>

* [Bug] Enforce message wrong (#7208)

* fix

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* fixed tests

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

---------

Signed-off-by: Ved Ratan <vedratan8@gmail.com>

* chore(deps): bump codecov/codecov-action from 3.1.3 to 3.1.4 (#7207)

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](894ff025c7...eaaf4bedf3)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump sigstore/cosign-installer from 3.0.3 to 3.0.4 (#7215)

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.3 to 3.0.4.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](204a51a57a...03d0fecf17)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: panic in reports controller (#7220)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: mutate existing auth check (#7219)

* fix auth check when using variables in ns

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* add kuttl tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix: do not exclude kube-system service accounts by default (#7225)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* docs: add reports system design doc (#6949)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump k8s.io/apimachinery from 0.27.1 to 0.27.2 (#7227)

Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.27.1...v0.27.2)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shuting <shuting@nirmata.com>

* chore(deps): bump k8s.io/cli-runtime from 0.27.1 to 0.27.2 (#7228)

Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.27.1...v0.27.2)

---
updated-dependencies:
- dependency-name: k8s.io/cli-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump sigstore/cosign-installer from 3.0.4 to 3.0.5 (#7229)

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](03d0fecf17...dd6b2e2b61)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump k8s.io/pod-security-admission from 0.27.1 to 0.27.2 (#7232)

Bumps [k8s.io/pod-security-admission](https://github.com/kubernetes/pod-security-admission) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/pod-security-admission/compare/v0.27.1...v0.27.2)

---
updated-dependencies:
- dependency-name: k8s.io/pod-security-admission
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: match logic misbehave (#7218)

* add rule name in ur for mutate existing

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix match logic

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* linter fixes

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix the match logic to only apply to the new object, unless it's a delete request

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix unit tests

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#7240)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.2...v1.8.3)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/onsi/gomega from 1.27.6 to 1.27.7 (#7239)

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.6 to 1.27.7.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.27.6...v1.27.7)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump k8s.io/kube-aggregator from 0.27.1 to 0.27.2 (#7241)

Bumps [k8s.io/kube-aggregator](https://github.com/kubernetes/kube-aggregator) from 0.27.1 to 0.27.2.
- [Commits](https://github.com/kubernetes/kube-aggregator/compare/v0.27.1...v0.27.2)

---
updated-dependencies:
- dependency-name: k8s.io/kube-aggregator
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump k8s.io/apiextensions-apiserver from 0.27.1 to 0.27.2 (#7242)

Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.27.1 to 0.27.2.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.27.1...v0.27.2)

---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* updated kuttl tests

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* fixed mistake in assert

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* quote image in error (#7259)

Signed-off-by: bakito <github@bakito.ch>

* fix: auto update webhooks not configuring fail endpoint (#7261)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix latest version check (#7263)

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore(deps): bump svenstaro/upload-release-action from 2.5.0 to 2.6.0 (#7270)

Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/svenstaro/upload-release-action/releases)
- [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md)
- [Commits](7319e4733e...58d5258088)

---
updated-dependencies:
- dependency-name: svenstaro/upload-release-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump sigs.k8s.io/controller-runtime from 0.14.6 to 0.15.0 (#7272)

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.14.6 to 0.15.0.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.14.6...v0.15.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat: add yaml util to check empty document (#7276)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#7274)

Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fixed api version in kuttl tests

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updated kuttl tests

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* go sum update

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updated admission controller assert

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* updated image

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* removed admission controller changes

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

* go mod fix

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>

---------

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
Signed-off-by: Gus Parvin <gparvin@redhat.com>
Signed-off-by: Raul Garcia Sanchez <info@raulgarcia.de>
Signed-off-by: Mariam Fahmy <mariamfahmy66@gmail.com>
Signed-off-by: Ved Ratan <vedratan8@gmail.com>
Signed-off-by: bakito <github@bakito.ch>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Md Sahil <85174511+MdSahil-oss@users.noreply.github.com>
Co-authored-by: Gus Parvin <gparvin@redhat.com>
Co-authored-by: Raúl Garcia Sanchez <info@raulgarcia.de>
Co-authored-by: Mariam Fahmy <55502281+MariamFahmy98@users.noreply.github.com>
Co-authored-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com>
Co-authored-by: Marc Brugger <github@bakito.ch>
2023-06-01 16:05:28 +08:00

338 lines
17 KiB
Modula-2

module github.com/kyverno/kyverno
go 1.20
require (
github.com/IGLOU-EU/go-wildcard v1.0.3
github.com/aquilax/truncate v1.0.0
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2
github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20230322223720-077b4a917a90
github.com/blang/semver/v4 v4.0.0
github.com/cenkalti/backoff v2.2.1+incompatible
github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589
github.com/cyphar/filepath-securejoin v0.2.3
github.com/distribution/distribution v2.8.2+incompatible
github.com/evanphx/json-patch/v5 v5.6.0
github.com/fatih/color v1.15.0
github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32
github.com/go-git/go-billy/v5 v5.4.1
github.com/go-git/go-git/v5 v5.7.0
github.com/go-logr/logr v1.2.4
github.com/go-logr/zapr v1.2.4
github.com/google/gnostic v0.6.9
github.com/google/go-containerregistry v0.14.1-0.20230425172351-b7c6e9dc3944
github.com/google/go-containerregistry/pkg/authn/kubernetes v0.0.0-20230403180904-b8d1c0a1df12
github.com/in-toto/in-toto-golang v0.6.0
github.com/jmespath/go-jmespath v0.4.0
github.com/jmoiron/jsonq v0.0.0-20150511023944-e874b168d07e
github.com/julienschmidt/httprouter v1.3.0
github.com/kataras/tablewriter v0.0.0-20180708051242-e063d29b7c23
github.com/lensesio/tableprinter v0.0.0-20201125135848-89e81fc956e7
github.com/mattbaird/jsonpatch v0.0.0-20200820163806-098863c1fc24
github.com/notaryproject/notation-core-go v1.0.0-rc.4
github.com/notaryproject/notation-go v1.0.0-rc.3
github.com/onsi/ginkgo v1.16.5
github.com/onsi/gomega v1.27.7
github.com/opencontainers/go-digest v1.0.0
github.com/opencontainers/image-spec v1.1.0-rc2
github.com/orcaman/concurrent-map/v2 v2.0.1
github.com/pkg/errors v0.9.1
github.com/prometheus/client_golang v1.15.1
github.com/robfig/cron v1.2.0
github.com/sigstore/cosign v1.13.1
github.com/sigstore/k8s-manifest-sigstore v0.4.4
github.com/sigstore/sigstore v1.5.2
github.com/spf13/cobra v1.7.0
github.com/stretchr/testify v1.8.4
github.com/zach-klippenstein/goregen v0.0.0-20160303162051-795b5e3961ea
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.41.1
go.opentelemetry.io/otel v1.15.1
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v0.38.1
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.15.1
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.15.1
go.opentelemetry.io/otel/exporters/prometheus v0.38.1
go.opentelemetry.io/otel/metric v0.38.1
go.opentelemetry.io/otel/sdk v1.15.1
go.opentelemetry.io/otel/sdk/metric v0.38.1
go.opentelemetry.io/otel/trace v1.15.1
go.uber.org/automaxprocs v1.5.2
go.uber.org/multierr v1.11.0
go.uber.org/zap v1.24.0
golang.org/x/crypto v0.9.0
golang.org/x/exp v0.0.0-20230321023759-10a507213a29
golang.org/x/text v0.9.0
google.golang.org/grpc v1.55.0
gopkg.in/inf.v0 v0.9.1
gopkg.in/yaml.v2 v2.4.0
gopkg.in/yaml.v3 v3.0.1
gotest.tools v2.2.0+incompatible
k8s.io/api v0.27.2
k8s.io/apiextensions-apiserver v0.27.2
k8s.io/apimachinery v0.27.2
k8s.io/apiserver v0.27.2
k8s.io/cli-runtime v0.27.2
k8s.io/client-go v0.27.2
k8s.io/klog/v2 v2.100.1
k8s.io/kube-aggregator v0.27.2
k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f
k8s.io/pod-security-admission v0.27.2
k8s.io/utils v0.0.0-20230406110748-d93618cff8a2
sigs.k8s.io/controller-runtime v0.15.0
sigs.k8s.io/kustomize/api v0.13.4
sigs.k8s.io/kustomize/kyaml v0.14.2
sigs.k8s.io/yaml v1.3.0
)
require (
cloud.google.com/go/compute v1.19.1 // indirect
github.com/antlr/antlr4/runtime/Go/antlr v1.4.10 // indirect
github.com/google/cel-go v0.12.6 // indirect
github.com/stoewer/go-strcase v1.2.0 // indirect
)
require (
cloud.google.com/go/compute/metadata v0.2.3 // indirect
cloud.google.com/go/iam v1.0.0 // indirect
cloud.google.com/go/kms v1.10.1 // indirect
cuelang.org/go v0.4.3 // indirect
github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/alibabacloudsdkgo/helper v0.2.0 // indirect
github.com/Azure/azure-sdk-for-go v68.0.0+incompatible // indirect
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
github.com/Azure/go-autorest/autorest v0.11.28 // indirect
github.com/Azure/go-autorest/autorest/adal v0.9.23 // indirect
github.com/Azure/go-autorest/autorest/azure/auth v0.5.12 // indirect
github.com/Azure/go-autorest/autorest/azure/cli v0.4.6 // indirect
github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect
github.com/Azure/go-autorest/autorest/validation v0.3.1 // indirect
github.com/Azure/go-autorest/logger v0.2.1 // indirect
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect
github.com/Microsoft/go-winio v0.6.1 // indirect
github.com/OneOfOne/xxhash v1.2.8 // indirect
github.com/ProtonMail/go-crypto v0.0.0-20230518184743-7afd39499903 // indirect
github.com/ThalesIgnite/crypto11 v1.2.5 // indirect
github.com/acomagu/bufpipe v1.0.4 // indirect
github.com/agnivade/levenshtein v1.1.1 // indirect
github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.4 // indirect
github.com/alibabacloud-go/cr-20160607 v1.0.1 // indirect
github.com/alibabacloud-go/cr-20181201 v1.0.10 // indirect
github.com/alibabacloud-go/darabonba-openapi v0.2.1 // indirect
github.com/alibabacloud-go/debug v0.0.0-20190504072949-9472017b5c68 // indirect
github.com/alibabacloud-go/endpoint-util v1.1.1 // indirect
github.com/alibabacloud-go/openapi-util v0.1.0 // indirect
github.com/alibabacloud-go/tea v1.1.20 // indirect
github.com/alibabacloud-go/tea-utils v1.4.5 // indirect
github.com/alibabacloud-go/tea-xml v1.1.3 // indirect
github.com/aliyun/credentials-go v1.2.7 // indirect
github.com/aws/aws-sdk-go-v2 v1.17.7 // indirect
github.com/aws/aws-sdk-go-v2/config v1.18.19 // indirect
github.com/aws/aws-sdk-go-v2/credentials v1.13.18 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.1 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.31 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.25 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.32 // indirect
github.com/aws/aws-sdk-go-v2/service/ecr v1.18.7 // indirect
github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.15.6 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.25 // indirect
github.com/aws/aws-sdk-go-v2/service/kms v1.20.8 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.12.6 // indirect
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.6 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.18.7 // indirect
github.com/aws/smithy-go v1.13.5 // indirect
github.com/benbjohnson/clock v1.3.0 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/blang/semver v3.5.1+incompatible // indirect
github.com/cenkalti/backoff/v3 v3.2.2 // indirect
github.com/cenkalti/backoff/v4 v4.2.1 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/clbanning/mxj/v2 v2.5.7 // indirect
github.com/cloudflare/circl v1.3.3 // indirect
github.com/cockroachdb/apd/v2 v2.0.2 // indirect
github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be // indirect
github.com/containerd/stargz-snapshotter/estargz v0.14.3 // indirect
github.com/coreos/go-oidc/v3 v3.5.0 // indirect
github.com/cyberphone/json-canonicalization v0.0.0-20220623050100-57a0ce2678a7 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/dimchansky/utfbom v1.1.1 // indirect
github.com/djherbis/times v1.5.0 // indirect
github.com/docker/cli v23.0.4+incompatible // indirect
github.com/docker/distribution v2.8.2+incompatible // indirect
github.com/docker/docker v23.0.4+incompatible // indirect
github.com/docker/docker-credential-helpers v0.7.0 // indirect
github.com/dustin/go-humanize v1.0.1 // indirect
github.com/emicklei/go-restful/v3 v3.10.2 // indirect
github.com/emicklei/proto v1.11.1 // indirect
github.com/emirpasic/gods v1.18.1 // indirect
github.com/evanphx/json-patch v5.6.0+incompatible // indirect
github.com/felixge/httpsnoop v1.0.3 // indirect
github.com/fsnotify/fsnotify v1.6.0 // indirect
github.com/fxamacker/cbor/v2 v2.4.0 // indirect
github.com/go-asn1-ber/asn1-ber v1.5.4 // indirect
github.com/go-chi/chi v4.1.2+incompatible // indirect
github.com/go-errors/errors v1.4.2 // indirect
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
github.com/go-jose/go-jose/v3 v3.0.0 // indirect
github.com/go-ldap/ldap/v3 v3.4.4 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-openapi/analysis v0.21.4 // indirect
github.com/go-openapi/errors v0.20.3 // indirect
github.com/go-openapi/jsonpointer v0.19.6 // indirect
github.com/go-openapi/jsonreference v0.20.2 // indirect
github.com/go-openapi/loads v0.21.2 // indirect
github.com/go-openapi/runtime v0.25.0 // indirect
github.com/go-openapi/spec v0.20.8 // indirect
github.com/go-openapi/strfmt v0.21.7 // indirect
github.com/go-openapi/swag v0.22.3 // indirect
github.com/go-openapi/validate v0.22.1 // indirect
github.com/go-piv/piv-go v1.11.0 // indirect
github.com/go-playground/locales v0.14.1 // indirect
github.com/go-playground/universal-translator v0.18.1 // indirect
github.com/go-playground/validator/v10 v10.12.0 // indirect
github.com/gobwas/glob v0.2.3 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
github.com/golang/glog v1.1.1 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/golang/snappy v0.0.4 // indirect
github.com/google/btree v1.1.2 // indirect
github.com/google/certificate-transparency-go v1.1.4 // indirect
github.com/google/go-cmp v0.5.9 // indirect
github.com/google/go-github/v45 v45.2.0 // indirect
github.com/google/go-querystring v1.1.0 // indirect
github.com/google/gofuzz v1.2.0 // indirect
github.com/google/gxui v0.0.0-20151028112939-f85e0a97b3a4 // indirect
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
github.com/google/trillian v1.5.1 // indirect
github.com/google/uuid v1.3.0 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.2.3 // indirect
github.com/googleapis/gax-go/v2 v2.8.0 // indirect
github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
github.com/grpc-ecosystem/grpc-gateway/v2 v2.15.2 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/go-retryablehttp v0.7.2 // indirect
github.com/hashicorp/go-rootcerts v1.0.2 // indirect
github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 // indirect
github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect
github.com/hashicorp/go-sockaddr v1.0.2 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/hashicorp/vault/api v1.9.0 // indirect
github.com/imdario/mergo v0.3.15 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
github.com/jedisct1/go-minisign v0.0.0-20230211184525-1f273d8dc776 // indirect
github.com/jellydator/ttlcache/v2 v2.11.1 // indirect
github.com/jinzhu/copier v0.3.5 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/kevinburke/ssh_config v1.2.0 // indirect
github.com/klauspost/compress v1.16.5 // indirect
github.com/leodido/go-urn v1.2.2 // indirect
github.com/letsencrypt/boulder v0.0.0-20230331213904-8c67769be400 // indirect
github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect
github.com/magiconair/properties v1.8.7 // indirect
github.com/mailru/easyjson v0.7.7 // indirect
github.com/mattn/go-colorable v0.1.13 // indirect
github.com/mattn/go-isatty v0.0.18 // indirect
github.com/mattn/go-runewidth v0.0.14 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
github.com/miekg/pkcs11 v1.1.1 // indirect
github.com/mitchellh/go-homedir v1.1.0 // indirect
github.com/mitchellh/go-wordwrap v1.0.1 // indirect
github.com/mitchellh/mapstructure v1.5.0 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect
github.com/mozillazg/docker-credential-acr-helper v0.3.0 // indirect
github.com/mpvl/unique v0.0.0-20150818121801-cbe035fff7de // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/nxadm/tail v1.4.8 // indirect
github.com/oklog/ulid v1.3.1 // indirect
github.com/oliveagle/jsonpath v0.0.0-20180606110733-2e52cf6e6852 // indirect
github.com/open-policy-agent/gatekeeper v0.0.0-20210824170141-dd97b8a7e966 // indirect
github.com/open-policy-agent/opa v0.51.0 // indirect
github.com/opentracing/opentracing-go v1.2.0 // indirect
github.com/pelletier/go-toml/v2 v2.0.7 // indirect
github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
github.com/pjbgf/sha1cd v0.3.0 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/prometheus/client_model v0.4.0 // indirect
github.com/prometheus/common v0.42.0 // indirect
github.com/prometheus/procfs v0.9.0 // indirect
github.com/protocolbuffers/txtpbfmt v0.0.0-20230328191034-3462fbc510c0 // indirect
github.com/r3labs/diff v1.1.0 // indirect
github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect
github.com/rivo/uniseg v0.4.4 // indirect
github.com/ryanuber/go-glob v1.0.0 // indirect
github.com/sassoftware/relic v0.0.0-20210427151427-dfb082b79b74 // indirect
github.com/secure-systems-lab/go-securesystemslib v0.4.0 // indirect
github.com/segmentio/ksuid v1.0.4 // indirect
github.com/sergi/go-diff v1.3.1 // indirect
github.com/shibumi/go-pathspec v1.3.0 // indirect
github.com/sigstore/fulcio v1.1.0 // indirect
github.com/sigstore/rekor v1.0.1 // indirect
github.com/sirupsen/logrus v1.9.0 // indirect
github.com/skeema/knownhosts v1.1.1 // indirect
github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966 // indirect
github.com/spf13/afero v1.9.5 // indirect
github.com/spf13/cast v1.5.0 // indirect
github.com/spf13/jwalterweatherman v1.1.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
github.com/spf13/viper v1.15.0 // indirect
github.com/spiffe/go-spiffe/v2 v2.1.3 // indirect
github.com/subosito/gotenv v1.4.2 // indirect
github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d // indirect
github.com/tchap/go-patricia/v2 v2.3.1 // indirect
github.com/tektoncd/chains v0.15.0 // indirect
github.com/tent/canonical-json-go v0.0.0-20130607151641-96e4ba3a7613 // indirect
github.com/thales-e-security/pool v0.0.2 // indirect
github.com/theupdateframework/go-tuf v0.5.2 // indirect
github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
github.com/tjfoc/gmsm v1.4.1 // indirect
github.com/transparency-dev/merkle v0.0.1 // indirect
github.com/vbatts/tar-split v0.11.3 // indirect
github.com/veraison/go-cose v1.1.0 // indirect
github.com/x448/float16 v0.8.4 // indirect
github.com/xanzy/go-gitlab v0.81.0 // indirect
github.com/xanzy/ssh-agent v0.3.3 // indirect
github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
github.com/xlab/treeprint v1.2.0 // indirect
github.com/yashtewari/glob-intersection v0.1.0 // indirect
github.com/zeebo/errs v1.3.0 // indirect
go.mongodb.org/mongo-driver v1.11.3 // indirect
go.opencensus.io v0.24.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.15.1 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlpmetric v0.38.1 // indirect
go.opentelemetry.io/proto/otlp v0.19.0 // indirect
go.starlark.net v0.0.0-20230302034142-4b1e35fe2254 // indirect
go.uber.org/atomic v1.10.0 // indirect
golang.org/x/mod v0.10.0 // indirect
golang.org/x/net v0.10.0 // indirect
golang.org/x/oauth2 v0.7.0 // indirect
golang.org/x/sync v0.2.0 // indirect
golang.org/x/sys v0.8.0 // indirect
golang.org/x/term v0.8.0 // indirect
golang.org/x/time v0.3.0 // indirect
golang.org/x/tools v0.9.1 // indirect
google.golang.org/api v0.115.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/genproto v0.0.0-20230403163135-c38d8f061ccd // indirect
google.golang.org/protobuf v1.30.0 // indirect
gopkg.in/go-jose/go-jose.v2 v2.6.1 // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/square/go-jose.v2 v2.6.0 // indirect
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
gopkg.in/warnings.v0 v0.1.2 // indirect
k8s.io/component-base v0.27.2 // indirect
k8s.io/kubectl v0.26.3 // indirect
oras.land/oras-go/v2 v2.1.0 // indirect
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
sigs.k8s.io/release-utils v0.7.3 // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
)
replace github.com/jmespath/go-jmespath => github.com/kyverno/go-jmespath v0.4.1-0.20230204162932-3ee946b9433d