forked from kyverno/kyverno
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Release 1.12 #103
Open
anushkamittal2001
wants to merge
61
commits into
nirmata:release-1.12-n4k
Choose a base branch
from
kyverno:release-1.12
base: release-1.12-n4k
Could not load branches
Branch not found: {{ refName }}
Could not load tags
Nothing to show
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Release 1.12 #103
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix(globalcontext): old waitgroup not stopping * chore(globalcontext): add AGE * feat(globalcontext): add lastRefreshTime * fix(globalcontext): unhandled intormer run exception * chore(globalcontext): comment wording * chore(globalcontext): codegen * fix(globalcontext): linter --------- Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> Co-authored-by: Khaled Emara <khaled.emara@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
…9828) (#9833) * Restore warn-exite-code functionality for apply command * Nove error handling * Uncomment println statement * Fixing linting * Adding conformance tets for cli apply command with warn-exit-code * Update path to kubectl-kyverno binary * Add prepare-cli as needed dependency * feat: install kubectl-kyverno in standard conformance tests * fix: update chainsaw config * fix: move CLI chainsaw tests to a separate action * fix: CLI path * fix: name * fix: add chainsaw flag '--no-cluster' * fix: CLI name --------- Signed-off-by: Matt Veitas <mveitas@gmail.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: shuting <shuting@nirmata.com> Co-authored-by: Matt Veitas <mveitas@gmail.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
…lation check (#9893) (#9899) * fix: properly update policy context after preexisting resource in violation check * chore: remove all copy function usages * chore: nit * refactor context resource swap * feat: chainsaw tests * fix: test: * fix: logger panic * fix: copy cover policycontext --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
…ied (#9935) (#9968) * fix: deferred loader panic when mutate and generate policies are applied * fix: tests * fix: update policies * remove clusterrolebinding * fix: copy only json context * fix: polctx --------- Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>
anushkamittal2001
requested review from
vishal-chdhry,
eddycharly,
realshuting and
MariamFahmy98
as code owners
April 1, 2024 03:12
* fix: re-use the maxQueuedEvents * fix: use the apierrors.IsNotFound instead of checking a specfic error msg --------- Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>
* enhancement: split validation logic for enforce and audit policies to return admission response earlier * chore: add missing file * fix: unit tests * fix: linter issues * fix: unit tests * fix: get latest policy object before updating status * chore: remove debug code * fix: compare before updates * fix: initial reconcile * fix: updates * feat(audit): use a worker pool for Audit policies * fix: unit test * fix(attempt): spin up go routine * feat: add flags maxAuditWorkers, maxAuditCapacity * fix: enable debug log on failure * fix: wait group panic * load-tests: add stess tests configurations * load-tests: disable admissionreports * fix: build policy contexts syncronously * fix: only run generate and mutate existing go routines when policies are present * fix: mutate and verify tests * fix: return early if no audit policy * fix: run handlegenerate and mutate existing in all cases * fix: only test bgapplies in generate test * fix: defer wait in tests * enhancement: process validate enforce in a go routine --------- Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: Khaled Emara <khaled.emara@nirmata.com> Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
…0059) Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
) (#10085) * fix: return skip when cel preconditions aren't met * fix test * fix: return skip when matchConditions in VAPs aren't met --------- Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
* fix: shared policy context needs to be copied * test(e2e): concurrent PSS execution * test(e2e): wait for pss policies to be ready --------- Signed-off-by: Khaled Emara <khaled.emara@nirmata.com> Co-authored-by: Khaled Emara <khaled.emara@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>
… (#10151) * fix: skip rules without operation in resource webhook creation * test: add unit test for buildRulesWithOperations * fix liniting issues --------- Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com> Co-authored-by: Norwin Schnyder <norwin.schnyder+github@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>
* chore: release v1.12.1-rc.1; bump controller-gen Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: update code-gen docs Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
#10185) * make webhook pod annotations configurable * run make codegen-helm-all --------- Signed-off-by: André Bauer <andre.bauer@staffbase.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: André Bauer <monotek@users.noreply.github.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* allow kyverno apply to continue on failure * allow kyverno apply to continue on failure --------- Signed-off-by: lanting.chiang <lanting.chiang@robinhood.com> Co-authored-by: Lanting Chiang <49918461+lantingchiang@users.noreply.github.com> Co-authored-by: shuting <shuting@nirmata.com>
Signed-off-by: Ved Ratan <ved.ratan@nirmata.com>
…ork (#10216) (#10240) * added verbosity level * added else statement to handle the error * fix: verbosity in cli --------- Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: GitHub <noreply@github.com> Signed-off-by: anushkamittal20 <anumittal4641@gmail.com> Co-authored-by: Anushka Mittal <138426011+anushkamittal2001@users.noreply.github.com> Co-authored-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: anushkamittal20 <anumittal4641@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
get 1.12 branch in n4k on track with upstream