feat: add simple conformance tests #5073
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Codecov Report
@@ Coverage Diff @@
## main #5073 +/- ##
==========================================
- Coverage 36.08% 36.06% -0.03%
==========================================
Files 154 154
Lines 18235 18233 -2
==========================================
- Hits 6580 6575 -5
- Misses 10888 10890 +2
- Partials 767 768 +1
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
test/conformance/main.go
Outdated
| func main() { | ||
| runner := func(index int, path string, file fs.FileInfo) error { | ||
| name := fmt.Sprint("test-", index) | ||
| os.Setenv("KIND_NAME", name) |
There was a problem hiding this comment.
G104: Errors unhandled.
ℹ️ Learn about @sonatype-lift commands
You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.
| Command | Usage |
|---|---|
@sonatype-lift ignore |
Leave out the above finding from this PR |
@sonatype-lift ignoreall |
Leave out all the existing findings from this PR |
@sonatype-lift exclude <file|issue|path|tool> |
Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file |
Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
test/conformance/main.go
Outdated
| } | ||
| for cluster, tests := range tests { | ||
| runner := func(name string, tests []Test) error { | ||
| os.Setenv("KIND_NAME", name) |
There was a problem hiding this comment.
G104: Errors unhandled.
ℹ️ Learn about @sonatype-lift commands
You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.
| Command | Usage |
|---|---|
@sonatype-lift ignore |
Leave out the above finding from this PR |
@sonatype-lift ignoreall |
Leave out all the existing findings from this PR |
@sonatype-lift exclude <file|issue|path|tool> |
Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file |
Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| return stdout.Bytes(), stderr.Bytes(), err | ||
| } | ||
|
|
||
| func stdCommand(name string, arg ...string) *exec.Cmd { |
There was a problem hiding this comment.
💬 2 similar findings have been found in this PR
U1000: func stdCommand is unused
🔎 Expand here to view all instances of this finding
| File Path | Line Number |
|---|---|
| test/conformance/main.go | 95 |
| test/conformance/main.go | 103 |
Visit the Lift Web Console to find more details in your report.
ℹ️ Learn about @sonatype-lift commands
You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.
| Command | Usage |
|---|---|
@sonatype-lift ignore |
Leave out the above finding from this PR |
@sonatype-lift ignoreall |
Leave out all the existing findings from this PR |
@sonatype-lift exclude <file|issue|path|tool> |
Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file |
Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
vyankyGH
previously approved these changes
Oct 20, 2022
realshuting
reviewed
Oct 20, 2022
There was a problem hiding this comment.
Great work @eddycharly !
For this error message:
actual: Error from server: error when creating "test/conformance/manifests/should-fail/background-userinfo-4.yaml": admission webhook "validate-policy.kyverno.svc" denied the request: policy contains invalid variables: variable substitution failed for rule ns-vars: variable serviceAccountName must match regex "request.|element|elementIndex|@|images.|target.|([a-z_0-9]+()[^{}]" or patterns []
Are we using this regex to validate the allowed variables?
var allowedVariables = regexp.MustCompile(`request\.|serviceAccountName|serviceAccountNamespace|element|elementIndex|@|images\.|target\.|([a-z_0-9]+\()[^{}]`)
Nope, going to try it ! |
@realshuting I'm not sure we want to use it, they are not all forbidden in background mode right ? |
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2 tasks
|
@vyankyGH if you're around, can you give a look and eventually approve ? 🙏 |
chipzoller
approved these changes
Oct 20, 2022
|
And when this gets pulled in and works, I can send a PR to add another couple tests to try it out. |
Definitely, feel free to make changes, the location of manifests doesn't matter, they are referenced in |
I will add more too, best-practice policies should deploy and get ready (we can ask kubectl to wait for it now). |
|
/cherry-pick release-1.8 |
gcp-cherry-pick-bot bot
pushed a commit
that referenced
this pull request
Oct 20, 2022
* feat: add simple conformance tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
eddycharly
added a commit
that referenced
this pull request
Oct 20, 2022
MdSahil-oss
added a commit
to MdSahil-oss/kyverno
that referenced
this pull request
Dec 28, 2022
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
Signed-off-by: Md Sahil <Mohdssahil1@gmail.com>
remove some enhancement mistakes and added getData() in /api/kyverno/v1/commontypes for forEachGeneration
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
refactor: make tls cert func not depending on cert controller (#4820)
* refactor: make tls cert func not depending on cert controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fmt
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* clean
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
refactor: non leader controllers management (#4831)
upgrade controller-runtime dependency (#4829)
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
fix: call depth in logging package and global logger support for call depth (#4834)
* upgrade controller-runtime dependency
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* reset global logger in logging package
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* add description to globallogger
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* push only relevant changes
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
fix extension checks (#4836)
* fix extension checks
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
* fix test
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
refactor: leader controllers management (#4832)
* refactor: leader controllers management
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rename
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix start
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix deps
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* remove dead code
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Update PSa images dsecription (#4840)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
chore: bump a couple of deps (#4842)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
feat: use a dedicated policy metrics controller (#4818)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
refactor: add config support to webhook controller (#4838)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
refactor: make cert manager a real controller (#4792)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
fix: replace AbsPath with RequestURI to support query params (#4849)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
e2e test for mutate policy (#3383)
Signed-off-by: slayer321 <sachin.maurya7666@gmail.com>
Signed-off-by: slayer321 <sachin.maurya7666@gmail.com>
reverted wrong changes in generation.go
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
docs: add debug instructions (#4843)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Add workflow to detect and report on image vulns (#4850)
* update version drop-down
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* Add workflow to detect and report on image vulnerabilities
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* pin deps
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
chore: add launch.json for vscode debugging (#4856)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
feature: use cert extension oid as key (#4854)
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Co-authored-by: Furkan Türkal <furkan.turkal@trendyol.com>
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Co-authored-by: Furkan Türkal <furkan.turkal@trendyol.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
fix test output numbering (#4853)
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
docs: add section in helm docs to install with argocd (#4878)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: hardening policy validation for generate cloneList (#4881)
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
fix: background scan labels (#4865)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Fix result colour (#4885)
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
fix: non watchable resources in report controller (#4888)
* fix: non watchable resources in report controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix events
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: auto gen enabled when using names (#4863)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
refactor: manage webhooks with webhook controller (#4846)
* refactor: add config support to webhook controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: add client config to webhook controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* migrate verify webhook
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* v1
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: move policy webhooks management in webhook controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* policy validating webhook config
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* watch policies
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: migrate resource webhook management in webhook controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* mutating webhook
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* auto update
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* auto update and wildcard policies
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* policy readiness
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: can't use v1 admission
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* reduce reconcile
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* watchdog
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* health check
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* runtime utils
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* runtime utils
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* watchdog check
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* remove delete from mutating webhook
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
chore: add argocd lab (#4884)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: reduce webhook controller logs (#4897)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: remove unnecessary dependencies from tls package (#4903)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
refactor: openapi controller part 1 (#4901)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
fix: don't specify rules when aggregationRule is set (#4867)
Fixes #4866
Signed-off-by: James Callahan <jamescallahan@bitgo.com>
Signed-off-by: James Callahan <jamescallahan@bitgo.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
fix: clean background scan reports (#4908)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
refactor: openapi controller part 2 (#4910)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: openapi controller discovery (#4912)
* refactor: openapi controller part 2
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rename
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rename 2
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* move controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* move controller
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: openapi controller discovery
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
chore: signing helm releases (#4801)
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
fix: use constants defined in openapi controller (#4919)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
chore: update controller-tools to v0.10.0 (#4918)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
add filter for validation policies when ValidationFailureActionOverrides is used (#4809)
Signed-off-by: Sandesh More <sandesh.more@infracloud.io>
Signed-off-by: Sandesh More <sandesh.more@infracloud.io>
[Cleanup] Disable PolicySkipped events (#4913)
* remove skip events
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
* update conditions
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
* improve conditions
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
* remove redundant function
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
chore: bump a couple of deps (#4925)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
feat: make cert renewer private and add server name support (#4904)
* fix: remove unnecessary dependencies from tls package
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: make cert renewer private and add server name support
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* nits
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: panic when bad variable substitution (#4928)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
chore: add COSIGN_REPOSITORY env to ko-publish-dev step (#4922)
fix: set operation in context when necessary (#4940)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: probes should work in debug mode (#4926)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
fix: consider generateName when matching resources (#4945)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Fix background scan with request.operation (#4947)
* update version drop-down
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* Add workflow to detect and report on image vulnerabilities
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* pin deps
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* bump JasonEtco/create-an-issue
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* bump versions in drop-downs
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* fix background mode scan with request.operation
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* Revert "bump versions in drop-downs"
This reverts commit 5fcea048dd455ba055cc960d491987c70f080936.
* Revert "bump JasonEtco/create-an-issue"
This reverts commit f0d44c7aca759a7c294602f40030711a7a0309db.
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Update issue templates and scan for vulns action (#4952)
* update version drop-down
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* Add workflow to detect and report on image vulnerabilities
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* pin deps
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* bump JasonEtco/create-an-issue
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* bump versions in drop-downs
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* fix background mode scan with request.operation
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* Revert "bump versions in drop-downs"
This reverts commit 5fcea048dd455ba055cc960d491987c70f080936.
* Revert "bump JasonEtco/create-an-issue"
This reverts commit f0d44c7aca759a7c294602f40030711a7a0309db.
* update version drop-downs
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* bump action version
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
fix: don't report ready until certs are valid (#4934)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Added support to specify key signature algorithm in verifyImages (#4855)
Signed-off-by: Pratik Shah <pratik@infracloud.io>
Signed-off-by: Pratik Shah <pratik@infracloud.io>
chore: bump a few deps (#4943)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
fix: admission reports printer (#4950)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Fixed issue-4530: Added separate attestor type for secrets and KMS (#4733)
Signed-off-by: Pratik Shah <pratik@infracloud.io>
Signed-off-by: Vyankatesh <vyankateshkd@gmail.com>
chore: Push and sign install manifests to GHCR (#4895)
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Co-authored-by: Stefan Prodan <@stefanprodan>
Co-authored-by: Charles-Edouard Brétéché <@eddycharly>
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
fix: missing watchers in resource report controller (#4967)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: improve banned types management in reports (#4953)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
fix: don't produce empty admission reports (#4966)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: add user info in admission request logs (#4969)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: missing autogen rules in status (#4971)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: config reloading not working correctly (#4951)
* fix: config reloading not working correctly
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* nits
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
feat: Add container registry setting on Helm Chart (#4281)
To make the customization of the container registries easier, eg.
a custom private registry, this change adds a new property on the
images configuration to allow setting a custom image registry
without needing to customize the repository of the image.
Signed-off-by: Samuel Torres <samuelpirestorres@gmail.com>
chore: add myself in approvers (#4990)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
docs: add resource exclusions note in helm docs (#4989)
* docs: add resource exclusions note in helm docs
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* nit
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fixes
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
feat: add policy-reporter to argocd lab (#4988)
* feat: add policy-reporter to argocd lab
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
feat: add startup probes support (#4896)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: treydock <tdockendorf@osc.edu>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: treydock <tdockendorf@osc.edu>
feat: add metrics server and kube-prometheus-stack to argocd lab (#4995)
* feat: add policy-reporter to argocd lab
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add metrics server and kube-prometheus-stack to argocd lab
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* typo
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: webhooks not registering when using name override (#4992)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: skip admission in dry run requests (#4994)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
fix principal and role variables are not substituted (#5000)
refactor: add update status helper (#4985)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
updates with case insensitivity guarantee (#4954)
* updates with case insensitivity guarantee
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* fix syntax
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
fix: use default retry with retryfunc for a conflict (#4973)
DefaultRetry is the recommended retry for a conflict
where multiple clients are making changes to the same resource
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
fix: update policy status (#5006)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: don't process non background policies in background scan (#5008)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: global anchor warning (#4962)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
fix: policy not denied when kinds set is empty (#5016)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
remove RBACInfo check (#5015)
validate patchJSON6902 (#4469)
* validate patchJSON6902
Signed-off-by: Shivansh-yadav13 <yadavshivansh@gmail.com>
* validate patchJSON6902
Signed-off-by: Shivansh-yadav13 <yadavshivansh@gmail.com>
* test: validateJSON6902 tests
Signed-off-by: Shivansh-yadav13 <yadavshivansh@gmail.com>
* validate patchJSON6902
Signed-off-by: Shivansh-yadav13 <yadavshivansh@gmail.com>
* test: validate patchJSON6902
Signed-off-by: Shivansh-yadav13 <yadavshivansh@gmail.com>
Signed-off-by: Shivansh-yadav13 <yadavshivansh@gmail.com>
Signed-off-by: Shivansh Yadav <yadavshivansh@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Enable adding annotations to configmaps in the helm chart (#4984)
* fix: add user info in admission request logs (#4969)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Brian Provenzano <bproven@gmail.com>
* fix: missing autogen rules in status (#4971)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Brian Provenzano <bproven@gmail.com>
* fix: config reloading not working correctly (#4951)
* fix: config reloading not working correctly
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* nits
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Brian Provenzano <bproven@gmail.com>
* enable adding annotations to configmaps in the helm chart
Signed-off-by: Brian Provenzano <bproven@gmail.com>
* add entry to artifacthub.io release notes in Chart.yaml
Signed-off-by: Brian Provenzano <bproven@gmail.com>
* change name of annotation keys; codegen the readme docs
Signed-off-by: Brian Provenzano <bproven@gmail.com>
* feat: Add container registry setting on Helm Chart (#4281)
To make the customization of the container registries easier, eg.
a custom private registry, this change adds a new property on the
images configuration to allow setting a custom image registry
without needing to customize the repository of the image.
Signed-off-by: Samuel Torres <samuelpirestorres@gmail.com>
Signed-off-by: Brian Provenzano <bproven@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Brian Provenzano <bproven@gmail.com>
Signed-off-by: Samuel Torres <samuelpirestorres@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Samuel Torres <samuelpirestorres@gmail.com>
fix: add more infos in reports printers (#5027)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Fixed issue-4655: verifyImages is executed before mutate (#4996)
Signed-off-by: Pratik Shah <pratik@infracloud.io>
fix: Attempt to fix the CI failure, extract CI job push-sign-install-manifest (#5035)
* extract CI job push-sign-install-manifest
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix indent
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update env
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
fix: lower default qps/burst (#5034)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
feat: make shutdown more graceful (#5031)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Enhanced
Signed-off-by: Md Sahil <Mohdssahil1@gmail.com>
added applyRules() in /pkg/background/generate/generate.go
Signed-off-by: Md Sahil <Mohdssahil1@gmail.com>
fix: lease log message (#5030)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix env (#5046)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
feat: add controller logger helper (#5029)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
feat: add image verification support to background scan (#5047)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Created configuration file for Openssf scorecard (#4778)
Signed-off-by: Abhiyant Gwalani <71189932+abhiyant-10@users.noreply.github.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
fix: account for policy/rule deletion in aggregated reports (#5048)
* fix: account for policy/rule deletion in aggregated reports
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* reduce delay
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: go routines not gracefully shut down in controllers (#5022)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
fix: do not update reports when they are identical (#5056)
* fix: do not update reports when they are identical
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix linter
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: detection of kyverno going down (#5055)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
fix: setup max procs with correct logger (#5059)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: image verification reports missing in admission mode (#5037)
* fix: image verification reports missing in admission mode
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
fix: configure idle timeout in server (#5062)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
feat: add webhook server logger (#5063)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
added apiCalls support in kyverno-apply command (#4938)
Signed-off-by: Sandesh More <sandesh.more@infracloud.io>
Signed-off-by: Sandesh More <sandesh.more@infracloud.io>
fix: make reponse order predictable (#5079)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
make response order predictable
feat: add simple conformance tests (#5073)
* feat: add simple conformance tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
fix: use correct logger in webhook controller (#5083)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
test: add best practices policies in conformance tests (#5082)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
fix: handle resource cleanup when policy is deleted (#5021)
* fix: handle delete UR when policy is deleted
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* fix cleanup
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* use selector to list the update request
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
ci: Use the Docker login action for GHCR auth (#5091)
Use the `docker/login-action` action and the default `GITHUB_TOKEN` for setting up the GHCR credentials for Flux and Cosign to be able to push OCI artifacts to ` ghcr.io/kyverno/manifests/kyverno`.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
fix: allow delete of target resource with synchronize false (#5081)
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
feat: add flag to configure the number of background scan workers (#5088)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
refactor: simplify variables regex (#5075)
* feat: add simple conformance tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* gh action
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* separate workflow
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix the bug
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix cli test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* improvements
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* improvements
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fixes
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix: variables regex
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
fix: use correct side effects in validating webhooks (#5080)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
ci: Fix install manifests publishing with Flux (#5110)
- use the correct version to tag artifacts
- add only the generated install.yaml to the artifact contents
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Added forEachGetResourceInfoForDataAndClone() in pkg/background/generate/generate.go
Signed-off-by: Md Sahil <Mohdssahil1@gmail.com>
docs: separate dev and user docs (#5114)
* docs: separate dev and user docs
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
feat: enable/disable Debug mode which shows entire AdmissionReview payload (#5024)
* work in progress PR
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* add custom request struct
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* pass debug mode option through constructor and replace logger with klogr
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* make changes
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix linter
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* add another test case
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* removed unused function
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* fix linter
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
clean conformance (#5089)
* clean conformance
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* adjust names
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
[Feature] create command line option to set failurePolicy globally (#4991)
* add forceFailurePolicyIgnore flag
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
* cleanup code
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
* add logging
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
* resolve merge conflicts
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
* fix codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: conformance tests (#5118)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Remove old version of golang.org/x/sys (#5125)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
feat: add categories support to our CRDs (#5112)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
feat: oci pull/push support for policie(s) (#5026)
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Add AGE in printer columns of CRDs (#5119)
* Add AGE in printer columns of CRDs
Signed-off-by: Santosh Kaluskar <dtshbl@gmail.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Santosh Kaluskar <dtshbl@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix finalizers mutation with patchesJson6902 (#5132)
* fix finalizers mutation with patchesJson6902
Signed-off-by: Danny Kulchinsky <dkulchinsky@fastly.com>
chore: remove old docs (#5130)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
feat: remove policy mutation for auto-gen rules (#5123)
* feat: remove policy mutation code
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* Fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* changelog
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
fix: mutation policy inconsistent patching for ephemeralContainers (#5121)
* fix: mutation policy consistent patching for ephemeralContainers
Signed-off-by: praddy26 <pradeep.vaishnav4@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Extended applyRules() in generate.go
Signed-off-by: Md Sahil <Mohdssahil1@gmail.com>
reset resource version on update (#5157)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
skip generating events on empty rule response (#5158)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Fixed issue-5102: Show rule count and type in output (#5106)
Signed-off-by: Pratik Shah <pratik@infracloud.io>
Signed-off-by: Pratik Shah <pratik@infracloud.io>
finished applyRules() function
Signed-off-by: Md Sahil <Mohdssahil1@gmail.com>
Renamed applyRules() to applyForEachGenerateRules() in term of removing namimg confliction from the generate.go file
Signed-off-by: Md Sahil <Mohdssahil1@gmail.com>
feature: SLSA Level 3 provenance generation for Kyverno images: kyverno init, kyverno and kyvernopre (#4268)
Signed-off-by: zurrehma <zahid.chashma@gmail.com>
Signed-off-by: zurrehma <zahid.chashma@gmail.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
fix: configure klog and global logger to use zapr in json mode (#5144)
* configure klog and global logger to use zapr in json mode
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* changes
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* make zapr compatible with klog's -v argument
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* remove changes
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* remove logLevel flag
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Added and Changed GetData() in common_types.go
Signed-off-by: Md Sahil <Mohdssahil1@gmail.com>
Add ability to use commands in comments (#5154)
* Add ability to use commands in comments
Signed-off-by: Rishit Dagli <rishit.dagli@gmail.com>
* Fix typo
Signed-off-by: Rishit Dagli <rishit.dagli@gmail.com>
* reset resource version on update (#5157)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Rishit Dagli <rishit.dagli@gmail.com>
* skip generating events on empty rule response (#5158)
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Rishit Dagli <rishit.dagli@gmail.com>
* Fixed issue-5102: Show rule count and type in output (#5106)
Signed-off-by: Pratik Shah <pratik@infracloud.io>
Signed-off-by: Pratik Shah <pratik@infracloud.io>
Signed-off-by: Rishit Dagli <rishit.dagli@gmail.com>
* feature: SLSA Level 3 provenance generation for Kyverno images: kyverno init, kyverno and kyvernopre (#4268)
Signed-off-by: zurrehma <zahid.chashma@gmail.com>
Signed-off-by: zurrehma <zahid.chashma@gmail.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Signed-off-by: Rishit Dagli <rishit.dagli@gmail.com>
* Pin action to specific hash
Signed-off-by: Rishit Dagli <rishit.dagli@gmail.com>
* Add `/approve`
Signed-off-by: Rishit Dagli <rishit.dagli@gmail.com>
* fix: configure klog and global logger to use zapr in json mode (#5144)
* configure klog and global logger to use zapr in json mode
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* changes
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* make zapr compatible with klog's -v argument
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* remove changes
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* remove logLevel flag
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Rishit Dagli <rishit.dagli@gmail.com>
Signed-off-by: Rishit Dagli <rishit.dagli@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Pratik Shah <pratik@infracloud.io>
Signed-off-by: zurrehma <zahid.chashma@gmail.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Pratik Shah <pratik@infracloud.io>
Co-authored-by: Zahid Khan <zahid.chashma@gmail.com>
Co-authored-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
Co-authored-by: yinka <holayinkajr@gmail.com>
fix 5151 issue (#5170)
Corrected Kubernetes spelling (#5134)
* Corrected Kubernetes spelling
Signed-off-by: Quirino Gervacio <qgervacio@gmail.com>
* fix codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Quirino Gervacio <qgervacio@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: kyverno-bot <104836976+kyverno-bot@users.noreply.github.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
refactor: support Audit and Enforce validation failure actions (#5152)
* feat: remove policy mutation code
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: support Audit and Enforce failure actions
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* codegen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* typo
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* update changelog
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
feat: run leader election in loop (#5173)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
fix: content type in log (#5177)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
chore: add kind config file (#5178)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: do not cancel context when loosing the lead (#5180)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: check resource version on update notification (#5179)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: use pagination to aggregate reports (#5190)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
refactor: remove policyreport package (#5174)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Helm chart: add extraCRDAnnotations value and set ArgoCD sync option by default (#4964)
* fix: add extraCRDAnnotations option to helm chart
set ArgoCD replace sync option by default
Signed-off-by: Edwin Mackenzie-Owen <edwin.mowen@gmail.com>
* fix: add extraCRDAnnotations via codegen
* use template
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Edwin Mackenzie-Owen <edwin.mowen@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: deletion of reports not belonging to kyverno (#5194)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
feat: support disabling schema validation on the patched resource (#5197)
* Support disable schema validation on the patched resource
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update api doc
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
fix: early return in policy validation (#5200)
* fix: early return in policy validation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
refactor: health check system (#5176)
* refactor: health check system
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* filter
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
chore: server side apply in argo lab (#5209)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: too much information for the Policy Rule Execution Latency metric (#5208)
* remove general_rule_latency_type
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* remove resource_request_operation
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* remove resource_namespace
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* remove resource_kind
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix linter
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
feat: add policy label to policy reports (#5198)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
[BUG] Fix foreach deletion issue (#5224)
* fix foreach deletion issue
add kuttl tests (#5204)
- add kuttl tests
- try rekor: {url: "https://rekor.sigstore.dev"}
- add rekor{} object to last two policies
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
add remainder of e2e verifyImages tests (#5229)
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
feat: add grafana dashboard to helm chart (#5230)
* feat: add grafana dashboard to helm chart
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* release note
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: treydock <tdockendorf@osc.edu>
Fixed description for secret name (#5228)
Signed-off-by: Pratik Shah <pratik@infracloud.io>
Signed-off-by: Vyankatesh <vyankateshkd@gmail.com>
chore: add loki to argocd lab (#5231)
* chore: add loki to argocd lab
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* chore: add loki to argocd lab
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
[Feature] Pin Dependencies by Hash (#5168)
* pin dependencies by hash
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
* pin scripts
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
Signed-off-by: Anant Vijay <anantvijay3@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
fix: remove /approve from prow actions (#5243)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Fix Keda policy installation issue (#5239)
fix generateName mutation (#5146)
refactor: move all middlewares in handlers sub package (#5244)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: kyverno Dockerfile base image tag and sha256 hash (#5248)
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
feat: separate webhook rules per GVK/rule (#4986)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
fix: remove unused code in config (#5242)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
More kuttl tests (#5238)
* add remainder of e2e verifyImages tests
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add tests
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add external-metrics test case and scaffolding
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* update scaffolding
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add keyed-basic test
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add migrated e2e test for gen role and rolebinding
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add clone-role-and-rolebinding from e2e
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* remove timeout param from kuttl-test.yaml
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add tests for external-metrics Policy fix
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
chore: add kuttl in makefile (#5254)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
chore: use conditions in kuttl tests to check ready policies (#5252)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Kuttl updates (#5257)
* add remainder of e2e verifyImages tests
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add tests
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add external-metrics test case and scaffolding
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* update scaffolding
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add keyed-basic test
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add migrated e2e test for gen role and rolebinding
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add clone-role-and-rolebinding from e2e
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* remove timeout param from kuttl-test.yaml
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* add tests for external-metrics Policy fix
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* update test path
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* update README
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
fix: add warning when using deprecated validation failure action (#5219)
* fix: add warning when using deprecated validation failure action
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
chore: remove old conformance tests files (#5260)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
feat: create cleanup new CRDs (#5233)
* create new cleanup CRDs
Signed-off-by: Nikhil Sharma <nikhilsharma230303@gmail.com>
* fix package
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Nikhil Sharma <nikhilsharma230303@gmail.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
refactor: admission response utils (#5234)
- refactor: admission response utils
- unit tests
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: account for error rules in mutation webhook (#5264)
* fix: account for error rules in mutation webhook
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* add test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: add missing test suite to kuttl (#5268)
* fix: add missing test suite to kuttl
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix path
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
chore: add kuttl autogen tests (#5253)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
add test instructions (#5271)
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
fix: keep admission warnings (#5269)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
fix: resource schema validation in policies under any/all match (#5246)
Signed-off-by: Sandesh More <sandesh.more@infracloud.io>
Signed-off-by: Sandesh More <sandesh.more@infracloud.io>
refactor: admission metrics (counter and latency) (#5245)
* refactor: move all middlewares in handlers sub package
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* refactor: admission metrics (counter and latency)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* builder
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* fix
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* cleanup
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
feat: add flag to control leader election frequency (#5172)
* feat: add flag to control leader election frequency
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* changelog
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
fix: make zapr compatible with klog's -v argument (#5166)
* make zapr compatible with klog's -v argument
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
* remove zap logger's NameKey
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
Signed-off-by: damilola olayinka <holayinkajr@gmail.com>
chore: update kuttl (#5285)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: kuttl test external-service (#5287)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: check policy is ready in kuttl tests (#5286)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: image extractor kuttl tests (#5293)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: allow delete of clone target resource with synchronize false (#5161)
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
tests: add kuttl tests for multiple clone generate (#5280)
* tests: add kuttl tests for multiple clone generate
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* bump kuttl version v1.13.1
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* fix review comments
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* remove cleanup of image-verify tests
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
fix: reduce startup probe delay (#5296)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Update kuttl test scaffolding (#5303)
* add test instructions
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
* update scaffolding
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
fix: set rule response status as skip if precondition failed (#5162)
exisiting UpdateRequest gets delete if precondition
failed for the matched rule in case of skip rule response.
Signed-off-by: Prateek Pandey <prateek.pandey@nirmata.com>
Signed-off-by: Prateek Pandey <prateek.pandey@nirmata.com>
fix: add parsing of json pointers to support special chars (#3578 #3616) (#4767)
* Added jsonpointer package that supports parsing of paths and JSON pointers that can yield either a JSON pointer string or JMESPath string.
* Replaced the use of `strings.Split` and `strings.Join` in places where paths are converted to JMESPaths.
Signed-off-by: Tobias Dahlberg <tobias.dahlberg@sinch.com>
Signed-off-by: Tobias Dahlberg <tobias.dahlberg@sinch.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
fix: send notification when stoping watching resource in reports system (#5298)
* fix: send notification when stoping watching resource in reports system
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* add kuttl test
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* rework
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* readme
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
fix: wrong logger used (#5311)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Fix issue where CLI test command ignores failures (#5189)
Closes #5187
The test command was resetting the return value to "pass", even if it
was already marked failed, in some cases. This solves by moving the
"pass" into an else-if clause.
Signed-off-by: Eric Miller <eric.miller@instructure.com>
Signed-off-by: Eric Miller <eric.miller@instructure.com>
Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
test: add kuttl tests for jmespath special chars (#5310)
* Adds tests for fixes in #4767
Signed-off-by: Tobias Dahlberg <tobias.dahlberg@sinch.com>
Signed-off-by: Tobias Dahlberg <tobias.dahlberg@sinch.com>
Co-authored-by: shuting <shuting@nirmata.com>
allow list with policies in test (#5227)
Signed-off-by: bakito <github@bakito.ch>
Signed-off-by: bakito <github@bakito.ch>
Co-authored-by: shuting <shuting@nirmata.com>
fix: synchronize source resource update to clone list resource (#5317)
* fix: synchronize source resource update to clone list target resource
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* add kuttl test to verify the clone list synchronized behavior
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* refactor functions parameters
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* fix the kuttl test description and behavior README
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
* Use entire content to compare
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
resolved merge conflict
Signed-off-by: Md Sahil <Mohdssahil1@gmail.com>
Added conditional for Generate rule in /pkg/background/generate/generate.go
Signed-off-by: Md Sahil <Mohdssahil1@gmail.com>
Corrected changes in pkg/background/generate/generate.go
feat: add cleanupPolicy validation code (#5279)
* validate the cleanupPolicy
Signed-off-by: Nikhil Sharma <nikhilsharma230303@gmail.com>
* add validation for DELETE permission for cleanupPolicy
Signed-off-by: Nikhil Sharma <nikhilsharma230303@gmail.com>
* add separate binary for cleanupPolicy
Signed-off-by: Nikhil Sharma <nikhilsharma230303@gmail.com>
* fix linter issues
Signed-off-by: Nikhil Sharma <nikhilsharma230303@gmail.com>
Signed-off-by: Nikhil Sharma <nikhilsharma230303@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
feat: add replicaset and replicationcontroller to autogen (#4975)
* fix: missing autogen rules in status
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* feat: add replicaset and replicationcontroller to autogen
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
* merge main
Signed-of…
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Signed-off-by: Charles-Edouard Brétéché charles.edouard@nirmata.com
Explanation
This PR adds simple conformance tests.
Related issue
Fixes #5068
Fixes #5069
Fixes #5070