Skip to content

Commit

Permalink
Merge branch 'kyverno:main' into main
Browse files Browse the repository at this point in the history
  • Loading branch information
@anushkamittal2001
anushkamittal2001 authored Jul 26, 2024
2 parents d4ed9d9 + 8109f21 commit 20f470e
Show file tree
Hide file tree
Showing 1,389 changed files with 60,808 additions and 77,893 deletions.
2 changes: 1 addition & 1 deletion .devcontainer/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM ubuntu:24.04@sha256:e3f92abc0967a6c19d0dfa2d55838833e947b9d74edbcb0113e48535ad4be12a
FROM ubuntu:24.04@sha256:2e863c44b718727c860746568e1d54afd13b2fa71b160f5cd9058fc436217b30

RUN apt-get update && apt-get install -y sudo git curl apt-transport-https ca-certificates gnupg-agent software-properties-common
ARG USERNAME=root
Expand Down
2 changes: 2 additions & 0 deletions .github/ISSUE_TEMPLATE/bug-cli.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,8 @@ body:
- 1.12.1
- 1.12.2
- 1.12.3
- 1.12.4
- 1.12.5
validations:
required: true
- type: textarea
Expand Down
2 changes: 2 additions & 0 deletions .github/ISSUE_TEMPLATE/bug-other.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,8 @@ body:
- 1.12.1
- 1.12.2
- 1.12.3
- 1.12.4
- 1.12.5
validations:
required: true
- type: textarea
Expand Down
2 changes: 2 additions & 0 deletions .github/ISSUE_TEMPLATE/bug-webhook.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,8 @@ body:
- 1.12.1
- 1.12.2
- 1.12.3
- 1.12.4
- 1.12.5
validations:
required: true
- type: dropdown
Expand Down
2 changes: 1 addition & 1 deletion .github/actions/setup-build-env/action.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ runs:
git fetch --prune --unshallow
- uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
with:
go-version: ~1.22.2
go-version: ~1.22.4
- shell: bash
run: |
go mod download
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/check-actions.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,9 +18,9 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Ensure SHA pinned actions
uses: zgosalvez/github-actions-ensure-sha-pinned-actions@76d1d8e0b075d7190b5d59b86da91c7bdbcc99b2 # v3.0.7
uses: zgosalvez/github-actions-ensure-sha-pinned-actions@b88cd0aad2c36a63e42c71f81cb1958fed95ac87 # v3.0.10
with:
# slsa-github-generator requires using a semver tag for reusable workflows.
# See: https://github.com/slsa-framework/slsa-github-generator#referencing-slsa-builders-and-generators
Expand Down
20 changes: 20 additions & 0 deletions .github/workflows/clean-stale-branches.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
name: Cleanup Stale Branches

on:
workflow_dispatch:
schedule:
- cron: '0 0 * * *' # This schedule runs the workflow at midnight every day

jobs:
cleanup-stale-branches:
runs-on: ubuntu-latest
steps:
- name: Cleanup Stale Branches
uses: cbrgm/cleanup-stale-branches-action@03d7d18e1a5ca5663846c6399e0614941d4985c3 # v1.1.19
with:
token: ${{ secrets.GITHUB_TOKEN }}
repository: ${{ github.repository }}
allowed-prefixes: "dependabot/,temp-cherry-pick-,cherry-pick-"
last-commit-age-days: 7
dry-run: false
rate-limit: true
4 changes: 2 additions & 2 deletions .github/workflows/cli.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Setup caches
uses: ./.github/actions/setup-caches
timeout-minutes: 5
Expand Down Expand Up @@ -56,7 +56,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Setup caches
uses: ./.github/actions/setup-caches
timeout-minutes: 5
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/codecov.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Setup caches
uses: ./.github/actions/setup-caches
timeout-minutes: 5
Expand Down Expand Up @@ -50,13 +50,13 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Download coverage
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: coverage.out
- name: Upload Report to Codecov
uses: codecov/codecov-action@125fc84a9a348dbcf27191600683ec096ec9021c # v4.4.1
uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
with:
files: ./coverage.out
fail_ci_if_error: true
Expand Down
58 changes: 29 additions & 29 deletions .github/workflows/conformance.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Setup caches
uses: ./.github/actions/setup-caches
timeout-minutes: 5
Expand Down Expand Up @@ -48,7 +48,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Setup caches
uses: ./.github/actions/setup-caches
timeout-minutes: 5
Expand Down Expand Up @@ -120,15 +120,15 @@ jobs:
name: ${{ matrix.k8s-version.name }} - ${{ matrix.config.name }} - ${{ matrix.tests }}
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
# install tools
- name: Install helm
id: helm
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install chainsaw
uses: kyverno/action-install-chainsaw@dd64b5d7b2b7d36fdf701d48ac8b216aa94414db # v0.2.4
uses: kyverno/action-install-chainsaw@573a9c636f7c586f86ecb9de9674176daf80ee29 # v0.2.5
# create cluster
- name: Create kind cluster
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
Expand Down Expand Up @@ -189,15 +189,15 @@ jobs:
name: ${{ matrix.k8s-version.name }} - ${{ matrix.config.name }} - ${{ matrix.tests }}
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
# install tools
- name: Install helm
id: helm
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install chainsaw
uses: kyverno/action-install-chainsaw@dd64b5d7b2b7d36fdf701d48ac8b216aa94414db # v0.2.4
uses: kyverno/action-install-chainsaw@573a9c636f7c586f86ecb9de9674176daf80ee29 # v0.2.5
# create cluster
- name: Create kind cluster
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
Expand Down Expand Up @@ -263,15 +263,15 @@ jobs:
name: ${{ matrix.k8s-version.name }} - ${{ matrix.config.name }} - ${{ matrix.tests }}
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
# install tools
- name: Install helm
id: helm
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install chainsaw
uses: kyverno/action-install-chainsaw@dd64b5d7b2b7d36fdf701d48ac8b216aa94414db # v0.2.4
uses: kyverno/action-install-chainsaw@573a9c636f7c586f86ecb9de9674176daf80ee29 # v0.2.5
# create cluster
- name: Create kind cluster
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
Expand Down Expand Up @@ -332,15 +332,15 @@ jobs:
name: ${{ matrix.k8s-version.name }} - ${{ matrix.config.name }} - ${{ matrix.tests }}
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
# install tools
- name: Install helm
id: helm
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install chainsaw
uses: kyverno/action-install-chainsaw@dd64b5d7b2b7d36fdf701d48ac8b216aa94414db # v0.2.4
uses: kyverno/action-install-chainsaw@573a9c636f7c586f86ecb9de9674176daf80ee29 # v0.2.5
# create cluster
- name: Create kind cluster
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
Expand Down Expand Up @@ -405,15 +405,15 @@ jobs:
name: ${{ matrix.k8s-version.name }} - ${{ matrix.config.name }} - ${{ matrix.tests }}
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
# install tools
- name: Install helm
id: helm
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install chainsaw
uses: kyverno/action-install-chainsaw@dd64b5d7b2b7d36fdf701d48ac8b216aa94414db # v0.2.4
uses: kyverno/action-install-chainsaw@573a9c636f7c586f86ecb9de9674176daf80ee29 # v0.2.5
# create cluster
- name: Create kind cluster
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
Expand Down Expand Up @@ -481,15 +481,15 @@ jobs:
name: ${{ matrix.k8s-version.name }} - ${{ matrix.config.name }} - ${{ matrix.tests }}
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
# install tools
- name: Install helm
id: helm
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install chainsaw
uses: kyverno/action-install-chainsaw@dd64b5d7b2b7d36fdf701d48ac8b216aa94414db # v0.2.4
uses: kyverno/action-install-chainsaw@573a9c636f7c586f86ecb9de9674176daf80ee29 # v0.2.5
# create cluster
- name: Create kind cluster
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
Expand Down Expand Up @@ -556,15 +556,15 @@ jobs:
name: ${{ matrix.k8s-version.name }} - ${{ matrix.config.name }} - ${{ matrix.tests }}
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
# install tools
- name: Install helm
id: helm
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install chainsaw
uses: kyverno/action-install-chainsaw@dd64b5d7b2b7d36fdf701d48ac8b216aa94414db # v0.2.4
uses: kyverno/action-install-chainsaw@573a9c636f7c586f86ecb9de9674176daf80ee29 # v0.2.5
# create cluster
- name: Create kind cluster
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
Expand Down Expand Up @@ -631,22 +631,22 @@ jobs:
name: ${{ matrix.k8s-version.name }} - ${{ matrix.config.name }} - ${{ matrix.tests }}
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
# install tools
- name: Install helm
id: helm
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install crane
uses: imjasonh/setup-crane@00c9e93efa4e1138c9a7a5c594acd6c75a2fbf0c
uses: imjasonh/setup-crane@31b88efe9de28ae0ffa220711af4b60be9435f6e
- name: Install Cosign
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20
- name: Install chainsaw
uses: kyverno/action-install-chainsaw@dd64b5d7b2b7d36fdf701d48ac8b216aa94414db # v0.2.4
uses: kyverno/action-install-chainsaw@573a9c636f7c586f86ecb9de9674176daf80ee29 # v0.2.5
# create cluster
- name: Create kind cluster and setup Sigstore Scaffolding
uses: sigstore/scaffolding/actions/setup@a7cba019075a061dc5e6dd4910cc5b0006302f3e
uses: sigstore/scaffolding/actions/setup@26f31cb72ca848bb0273fcbd7a4ebf187ec4d711
with:
version: main
k8s-version: ${{ matrix.k8s-version.version }}
Expand Down Expand Up @@ -685,7 +685,7 @@ jobs:
TEST_IMAGE_URL=ttl.sh/${IMAGE_NAME}:1h
crane copy cgr.dev/chainguard/static@$DIGEST $TEST_IMAGE_URL
cosign initialize --mirror $TUF_MIRROR --root $TUF_MIRROR/root.json
COSIGN_EXPERIMENTAL=1 cosign sign --rekor-url $REKOR_URL --fulcio-url $FULCIO_URL $TEST_IMAGE_URL --identity-token `curl -s $ISSUER_URL` -y
COSIGN_EXPERIMENTAL=1 cosign sign --rekor-url $REKOR_URL --fulcio-url $FULCIO_URL $TEST_IMAGE_URL --identity-token $OIDC_TOKEN -y
echo "TEST_IMAGE_URL=$TEST_IMAGE_URL" >> $GITHUB_ENV
# run tests
- name: Test with Chainsaw
Expand Down Expand Up @@ -725,15 +725,15 @@ jobs:
name: ${{ matrix.k8s-version.name }} - ${{ matrix.config.name }} - ${{ matrix.tests }}
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
# install tools
- name: Install helm
id: helm
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install chainsaw
uses: kyverno/action-install-chainsaw@dd64b5d7b2b7d36fdf701d48ac8b216aa94414db # v0.2.4
uses: kyverno/action-install-chainsaw@573a9c636f7c586f86ecb9de9674176daf80ee29 # v0.2.5
# create cluster
- name: Create kind cluster
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
Expand Down Expand Up @@ -829,9 +829,9 @@ jobs:
name: ${{ matrix.k8s-version.name }} - ${{ matrix.config.name }} - ${{ matrix.tests }}
steps:
- name: Checkout kyverno/kyverno
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Checkout kyverno/policies
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
repository: kyverno/policies
path: policies
Expand All @@ -842,7 +842,7 @@ jobs:
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install chainsaw
uses: kyverno/action-install-chainsaw@dd64b5d7b2b7d36fdf701d48ac8b216aa94414db # v0.2.4
uses: kyverno/action-install-chainsaw@573a9c636f7c586f86ecb9de9674176daf80ee29 # v0.2.5
- name: Download kyverno CLI archive
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
Expand Down Expand Up @@ -902,7 +902,7 @@ jobs:
needs: prepare-images
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Setup caches
uses: ./.github/actions/setup-caches
timeout-minutes: 5
Expand Down Expand Up @@ -960,14 +960,14 @@ jobs:
name: ${{ matrix.tests }} - chainsaw
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
# install tools
- name: Download kyverno CLI archive
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: kubectl-kyverno
- name: Install chainsaw
uses: kyverno/action-install-chainsaw@dd64b5d7b2b7d36fdf701d48ac8b216aa94414db # v0.2.4
uses: kyverno/action-install-chainsaw@573a9c636f7c586f86ecb9de9674176daf80ee29 # v0.2.5
# create cluster
- name: Create kind cluster
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/devcontainer-build.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,11 +19,11 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Build devcontainer image
run: docker build .devcontainer
- name: Trivy Scan Image
uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0
uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
with:
scan-type: 'fs'
ignore-unfixed: true
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/fossa.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Check secret
id: checksecret
uses: ./.github/actions/is-defined
Expand Down
Loading

0 comments on commit 20f470e

Please sign in to comment.