fix(chart): only create ServiceMonitor if cluster supports it #7926

nobbs · 2023-07-27T19:37:11Z

Explanation

Tiny change to the Helm chart regarding creation of ServiceMonitor resources. This adds an additional check to the ServiceMonitor template to ensure that the cluster supports the monitoring.coreos.com/v1 API version - if not, it will silently not create the ServiceMonitor instead of failing deployment of the chart.

Related issue

None

Milestone of this PR

/milestone 1.10.2

Checklist

I have read the contributing guidelines.
I have read the PR documentation guide and followed the process including adding proof manifests to this PR.
This is a bug fix and I have added unit tests that prove my fix is effective.
This is a feature and I have added CLI tests that are applicable.
My PR needs to be cherry picked to a specific release branch which is .
My PR contains new or altered behavior to Kyverno and
- CLI support should be added and my PR doesn't contain that functionality.
- I have added or changed the documentation myself in an existing PR and the link is:
- I have raised an issue in kyverno/website to track the documentation update and the link is:

Further Comments

Adds an additional check to the ServiceMonitor template to ensure that the cluster supports the `monitoring.coreos.com/v1` API version. Signed-off-by: Alexej Disterhoft <alexej@disterhoft.de>

welcome · 2023-07-27T19:37:13Z

Thanks for opening your first Pull Request here! Please check out our Contributing guidelines and confirm that you Signed off.

treydock · 2023-07-27T19:40:35Z

@nobbs Please add a change log entry here:

kyverno/charts/kyverno/Chart.yaml

Line 28 in 3ed7303

artifacthub.io/changes: |

Also to validate this change and help ensure no future regressions, it would be useful I think to add a new CI values file that enables the service monitor which should stress the capabilities test since the CI will run in an environment where that API resource doesn't exist.

https://github.com/kyverno/kyverno/tree/main/charts/kyverno/ci - the trick is the file must end with -values.yaml to be part of the automated testing.

Signed-off-by: Alexej Disterhoft <alexej@disterhoft.de>

nobbs · 2023-07-27T21:00:13Z

@treydock I've updated the changelog as requested.

Regarding your second point, there is already https://github.com/kyverno/kyverno/blob/main/charts/kyverno/ci/monitoring-values.yaml which enables the ServiceMonitors. As far as I understand how ct works, it will run helm template to generate the manifests based on the CI values, but due to the capability check the ServiceMonitors will always be missing from the generated files. Or am I missing something here?

treydock · 2023-07-27T21:07:16Z

Ah it looks like the testing changed and I didn't notice. We used to do ct install which actually does a helm install but looks like maybe now just doing simpler tests that don't run through the CI files from what I can see.

treydock · 2023-07-27T21:08:44Z

/cherry-pick release-1.10

codecov · 2023-07-27T21:18:26Z

Codecov Report

Merging #7926 (2c75539) into main (7fd2d1a) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main    #7926   +/-   ##
=======================================
  Coverage   33.09%   33.09%           
=======================================
  Files         240      240           
  Lines       22570    22570           
=======================================
  Hits         7469     7469           
  Misses      14332    14332           
  Partials      769      769

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

realshuting · 2023-07-28T07:39:35Z

1.10.2 has been cut today. We can bump the chart version if needed.

realshuting · 2023-07-28T08:01:43Z

Ah it looks like the testing changed and I didn't notice. We used to do ct install which actually does a helm install but looks like maybe now just doing simpler tests that don't run through the CI files from what I can see.

What test is missing? There's one runs helm test and that seems installing Kyverno:

Chart version: v3.0.0
Kyverno version: a6537a08d8d1d67a13cbec43fdd761357b5138b8

Thank you for installing kyverno! Your release is named kyverno.

The following components have been installed in your cluster:
- CRDs
- Admission controller
- Reports controller
- Cleanup controller
- Background controller

treydock · 2023-07-28T11:40:19Z

What test is missing? There's one runs helm test and that seems installing Kyverno:

The helm test will just install the chart with default values then run some sanity tests based on these tests: https://github.com/kyverno/kyverno/tree/main/charts/kyverno/templates/tests. The tests I think used to exist is to run ct install which is a tool from Helm that would iterate over these non-default values: https://github.com/kyverno/kyverno/tree/main/charts/kyverno/ci. Those non-default values would stress things besides defaults in values.yaml.

welcome · 2023-07-28T12:27:39Z

Congratulations! 🎉

Great job merging your first Pull Request here! How awesome! If you are new to this project, feel free to join our Slack community

* fix: only create ServiceMonitor if cluster supports it Adds an additional check to the ServiceMonitor template to ensure that the cluster supports the `monitoring.coreos.com/v1` API version. Signed-off-by: Alexej Disterhoft <alexej@disterhoft.de>

* fix: only create ServiceMonitor if cluster supports it Adds an additional check to the ServiceMonitor template to ensure that the cluster supports the `monitoring.coreos.com/v1` API version. Signed-off-by: Alexej Disterhoft <alexej@disterhoft.de> Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

…#7931) * fix: only create ServiceMonitor if cluster supports it Adds an additional check to the ServiceMonitor template to ensure that the cluster supports the `monitoring.coreos.com/v1` API version. Signed-off-by: Alexej Disterhoft <alexej@disterhoft.de> Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> Co-authored-by: Alexej Disterhoft <github@disterhoft.de>

…o#7926) * fix: only create ServiceMonitor if cluster supports it Adds an additional check to the ServiceMonitor template to ensure that the cluster supports the `monitoring.coreos.com/v1` API version. Signed-off-by: Alexej Disterhoft <alexej@disterhoft.de>

* feat:add usage of flux auth package for creating keychain for every oci provider, we will create a client from flux and use its login() method Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: add registry checking Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * bug: update azure keychain to return anonymous kc Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * bug: remove google keychain Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * bug: kubeconfig redefined Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * bug: fix kubeconfig flag being double defined Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * updated comments (#7902) Signed-off-by: hackeramitkumar <amit9116260192@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> * chore(deps): bump google.golang.org/grpc from 1.56.2 to 1.57.0 (#7918) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.56.2 to 1.57.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.56.2...v1.57.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/go-git/go-git/v5 from 5.8.0 to 5.8.1 (#7919) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.8.0 to 5.8.1. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.8.0...v5.8.1) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: shuting <shuting@nirmata.com> * refactor validating admission policies (#7835) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * feat: update default keychain in registry to be empty (#7906) * feat: update default keychain to be empty Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: update registryCredentialHelpers description Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: rename vap to its full name (#7929) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix(chart): only create ServiceMonitor if cluster supports it (#7926) * fix: only create ServiceMonitor if cluster supports it Adds an additional check to the ServiceMonitor template to ensure that the cluster supports the `monitoring.coreos.com/v1` API version. Signed-off-by: Alexej Disterhoft <alexej@disterhoft.de> * add IITS Consulting as adopter from Google Form (#7932) Signed-off-by: Chip Zoller <chipzoller@gmail.com> * Adding other folder's subfolders to workflows/conformance.yaml's tests array (#7927) Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com> Co-authored-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com> Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Co-authored-by: Chip Zoller <chipzoller@gmail.com> * feat: add create metrics-config cli command (#7782) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore(deps): bump svenstaro/upload-release-action from 2.6.1 to 2.7.0 (#7940) Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action) from 2.6.1 to 2.7.0. - [Release notes](https://github.com/svenstaro/upload-release-action/releases) - [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md) - [Commits](svenstaro/upload-release-action@2b9d284...1beeb57) --- updated-dependencies: - dependency-name: svenstaro/upload-release-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: shuting <shuting@nirmata.com> * test: add tests for ghcr private repository (#7791) * chore: organize constants better (#7941) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore: move cert.kyverno.io/managed-by label in constants (#7942) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: rename --compact to --detailed-results in CLI (#7937) * fix: rename --compact to --detailed-results in CLI Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * rename compact arg Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore: move more constants (#7944) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: add `create values` cli command (#7779) * feat: add cli command Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: add create values cli command Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * Removed usage of `replacements` from goreleaser.yml file (#7833) * Changed goreleaser.yml file Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com> * Changed syntax Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com> * Small indent fix Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com> --------- Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com> Co-authored-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * add 1.10.2 (#7947) Signed-off-by: Chip Zoller <chipzoller@gmail.com> * chore: move cache enabled label (#7949) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore(deps): bump go.uber.org/zap from 1.24.0 to 1.25.0 (#7952) Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.24.0 to 1.25.0. - [Release notes](https://github.com/uber-go/zap/releases) - [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md) - [Commits](uber-go/zap@v1.24.0...v1.25.0) --- updated-dependencies: - dependency-name: go.uber.org/zap dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * doc: add feature flag guidelines (#7951) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * chore: move kyverno.io/verify-images constant (#7955) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: add ttl controller (#7821) * added the ttl controller Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fixed label and vars Signed-off-by: Ved Ratan <vedratan8@gmail.com> * added logger Signed-off-by: Ved Ratan <vedratan8@gmail.com> * applied fixes Signed-off-by: Ved Ratan <vedratan8@gmail.com> * removed comments Signed-off-by: Ved Ratan <vedratan8@gmail.com> * lint Signed-off-by: Ved Ratan <vedratan8@gmail.com> * lint Signed-off-by: Ved Ratan <vedratan8@gmail.com> * lint Signed-off-by: Ved Ratan <vedratan8@gmail.com> * more lint fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * applied changes Signed-off-by: Ved Ratan <vedratan8@gmail.com> * minor fixes Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix logger, separate parse logic Signed-off-by: Ved Ratan <vedratan8@gmail.com> * added tests Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * added kuttl tests, validation utilities Signed-off-by: Ved Ratan <vedratan8@gmail.com> * commented code Signed-off-by: Ved Ratan <vedratan8@gmail.com> * renamed tests Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix test Signed-off-by: Ved Ratan <vedratan8@gmail.com> * created log.go Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix log.go Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * added README.md refactor code Signed-off-by: Ved Ratan <vedratan8@gmail.com> * lint fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * lint Signed-off-by: Ved Ratan <vedratan8@gmail.com> * lint fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * added validation webhook Signed-off-by: Ved Ratan <vedratan8@gmail.com> * label-validation fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * added flag, updated verbs Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * updated verbs Signed-off-by: Ved Ratan <vedratan8@gmail.com> * updated helm chart Signed-off-by: Ved Ratan <vedratan8@gmail.com> * test fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * lint Signed-off-by: Ved Ratan <vedratan8@gmail.com> * linter Signed-off-by: Ved Ratan <vedratan8@gmail.com> * imporoved webhook validation Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * linter fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * lint Signed-off-by: Ved Ratan <vedratan8@gmail.com> * lint fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * webhook names and path constants Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * constant label Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix label selector Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * kuttl test fix Signed-off-by: Ved Ratan <vedratan8@gmail.com> * helm docs Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix controller logger Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: manager logger Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix failure policy Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * kuttl tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * move kuttl tests in separate job Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * remove rbac steps Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * remove configmaps from core cluster role Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix logger Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * rename flag Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * kuttl Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix error Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix linter Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Ved Ratan <vedratan8@gmail.com> Signed-off-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore: rename ttl controller package (#7957) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore: move ttl formats to constants (#7958) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * feat: Add support for server-side-apply in generate rules (#7705) * feat: Add support for server-side-apply in generate rules Signed-off-by: Mike Bryant <mike@mikebryant.me.uk> * chore: run make codegen-all Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk> * chore: Remove unnecessary file I got from copy/paste Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk> --------- Signed-off-by: Mike Bryant <mike@mikebryant.me.uk> Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk> Co-authored-by: Chip Zoller <chipzoller@gmail.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com> * refactor: ttl label validation (#7960) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore(deps): bump github.com/google/go-containerregistry (#7961) Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.14.1-0.20230425172351-b7c6e9dc3944 to 0.16.1. - [Release notes](https://github.com/google/go-containerregistry/releases) - [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml) - [Commits](https://github.com/google/go-containerregistry/commits/v0.16.1) --- updated-dependencies: - dependency-name: github.com/google/go-containerregistry dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: fix cleanup controller debug in vscode (#7963) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: ttl cleanup controller events processing (#7964) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * test: add test to cleanup the same resource twice (#7965) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: ttl manager stop informer on error (#7966) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * chore(deps): bump slsa-framework/slsa-github-generator (#7968) Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.7.0 to 1.8.0. - [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases) - [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md) - [Commits](slsa-framework/slsa-github-generator@v1.7.0...v1.8.0) --- updated-dependencies: - dependency-name: slsa-framework/slsa-github-generator dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat: add basic structure for image verify cache (#7890) * feat: add interface for image verify cache Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: add basic client for cache Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: add ttl to client Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: add flags and flag setup Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: added a default image verify cache Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: add propogation of cache to image verifier Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: add useCache to image verification types Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * bug: add ivcache to image verifier Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: add logger to cache Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * typo: DisabledImageVerfiyCache Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * typo: DisabledImageVerfiyCache Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * Update cmd/internal/flag.go Signed-off-by: shuting <shutting06@gmail.com> * feat: add use cache to v2beta1 crd Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * bug: change public attribute TTL to private Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: replace nil in test with disabled cache Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * fix: convert ttl time to time.Duration Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: update opts to use time.Duration Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat:add policy version and remove delete functions by adding policy version, old entries will automatically become outdated and we will not have to remove them manually Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: remove clear and update get and set to take interface as input Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * style: fix lint issue Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Signed-off-by: shuting <shutting06@gmail.com> Co-authored-by: shuting <shutting06@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * Fixes kyverno cli container reorder (#7943) * added combine rule response Signed-off-by: hackeramitkumar <amit9116260192@gmail.com> * added kyverno test cli tests Signed-off-by: hackeramitkumar <amit9116260192@gmail.com> * added kyverno test cli tests Signed-off-by: hackeramitkumar <amit9116260192@gmail.com> * small nits Signed-off-by: hackeramitkumar <amit9116260192@gmail.com> * added ; in between the err messages Signed-off-by: hackeramitkumar <amit9116260192@gmail.com> * removed fixed rulename and ruletype Signed-off-by: hackeramitkumar <amit9116260192@gmail.com> --------- Signed-off-by: hackeramitkumar <amit9116260192@gmail.com> Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com> * chore(deps): bump sigs.k8s.io/controller-runtime from 0.15.0 to 0.15.1 (#7975) Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.15.0 to 0.15.1. - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md) - [Commits](kubernetes-sigs/controller-runtime@v0.15.0...v0.15.1) --- updated-dependencies: - dependency-name: sigs.k8s.io/controller-runtime dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump golang.org/x/text from 0.11.0 to 0.12.0 (#7976) Bumps [golang.org/x/text](https://github.com/golang/text) from 0.11.0 to 0.12.0. - [Release notes](https://github.com/golang/text/releases) - [Commits](golang/text@v0.11.0...v0.12.0) --- updated-dependencies: - dependency-name: golang.org/x/text dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump golang.org/x/crypto from 0.11.0 to 0.12.0 (#7977) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.11.0 to 0.12.0. - [Commits](golang/crypto@v0.11.0...v0.12.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix:Add Missing Severity Cases in SeverityFromString Function (#7974) Signed-off-by: lichanghao.orange <lichanghao.orange@bytedance.com> Co-authored-by: shuting <shuting@nirmata.com> * feat(chart) Allow podSecurityContext and securityContext for webhooksCleanup (#7970) Fixes #7962 Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: Fixed issue with AddVariable that prevented certain variables (#7981) When using a label or annotation with quoted dots, AddVariable was splitting inside the quote causing it to be improperly parsed and replaced Signed-off-by: mvaal <mvaal@expediagroup.com> * fix: Kyverno cli apply duplicate result counts (#7945) * removed repeated logic from kyverno_policies_types Signed-off-by: hackeramitkumar <amit9116260192@gmail.com> fixed unit tests * fixed unit tests Signed-off-by: hackeramitkumar <amit9116260192@gmail.com> * updated common.go logic Signed-off-by: hackeramitkumar <amit9116260192@gmail.com> * remove skip response logic from common.go Signed-off-by: hackeramitkumar <amit9116260192@gmail.com> * remove skip response logic from common.go Signed-off-by: hackeramitkumar <amit9116260192@gmail.com> * fixed conflict Signed-off-by: hackeramitkumar <amit9116260192@gmail.com> --------- Signed-off-by: hackeramitkumar <amit9116260192@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> * fix: return err in load data (#7982) Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> * fix, enhancement (#7988) * fix, enhancement Signed-off-by: Ved Ratan <vedratan8@gmail.com> * lint Signed-off-by: Ved Ratan <vedratan8@gmail.com> --------- Signed-off-by: Ved Ratan <vedratan8@gmail.com> * fix: improve lint Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: update auth pkg Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore: fix go mod Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: updated CLI keychains Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * chore update fluxcd/pkg/auth@0.31.1 Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> Signed-off-by: hackeramitkumar <amit9116260192@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Signed-off-by: Alexej Disterhoft <alexej@disterhoft.de> Signed-off-by: Chip Zoller <chipzoller@gmail.com> Signed-off-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Ved Ratan <vedratan8@gmail.com> Signed-off-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com> Signed-off-by: Mike Bryant <mike@mikebryant.me.uk> Signed-off-by: Mike Bryant <mike.bryant@mettle.co.uk> Signed-off-by: shuting <shutting06@gmail.com> Signed-off-by: lichanghao.orange <lichanghao.orange@bytedance.com> Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> Signed-off-by: mvaal <mvaal@expediagroup.com> Co-authored-by: Amit kumar <amit9116260192@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Mariam Fahmy <mariam.fahmy@nirmata.com> Co-authored-by: Alexej Disterhoft <github@disterhoft.de> Co-authored-by: Chip Zoller <chipzoller@gmail.com> Co-authored-by: Pradyot Ranjan <99216956+prady0t@users.noreply.github.com> Co-authored-by: Pradyot Ranjan <99216956+pradyotRanjan@users.noreply.github.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Ved Ratan <82467006+VedRatan@users.noreply.github.com> Co-authored-by: Mike Bryant <mike.bryant@mettle.co.uk> Co-authored-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: shuting <shutting06@gmail.com> Co-authored-by: UgOrange <lichanghao.orange@bytedance.com> Co-authored-by: treydock <tdockendorf@osc.edu> Co-authored-by: Marcus Vaal <mvaal@expediagroup.com>

…kyverno#7926)" This reverts commit 590dce5. This will ensure servicemonitor can be enabled with ArgoCD which doesn't support querying API capabilities Fixes kyverno#8891 Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>

…#7926)" (#8913) This reverts commit 590dce5. This will ensure servicemonitor can be enabled with ArgoCD which doesn't support querying API capabilities Fixes #8891 Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> Co-authored-by: shuting <shuting@nirmata.com>

…#7926)" (#8913) (#8931) This reverts commit 590dce5. This will ensure servicemonitor can be enabled with ArgoCD which doesn't support querying API capabilities Fixes #8891 Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> Co-authored-by: treydock <tdockendorf@osc.edu> Co-authored-by: shuting <shuting@nirmata.com>

…kyverno#7926)" (kyverno#8913) This reverts commit 590dce5. This will ensure servicemonitor can be enabled with ArgoCD which doesn't support querying API capabilities Fixes kyverno#8891 Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu> Co-authored-by: shuting <shuting@nirmata.com>

fix: only create ServiceMonitor if cluster supports it

9916bde

Adds an additional check to the ServiceMonitor template to ensure that the cluster supports the `monitoring.coreos.com/v1` API version. Signed-off-by: Alexej Disterhoft <alexej@disterhoft.de>

nobbs requested review from treydock and eddycharly as code owners July 27, 2023 19:37

chore: update chart changelog

3343c32

Signed-off-by: Alexej Disterhoft <alexej@disterhoft.de>

treydock enabled auto-merge (squash) July 27, 2023 21:07

treydock added cherry-pick-required milestone 1.10.2 labels Jul 27, 2023

Merge branch 'main' into fix/chart-monitoring-capabilities

d579b50

Merge branch 'main' into fix/chart-monitoring-capabilities

2c75539

treydock approved these changes Jul 28, 2023

View reviewed changes

treydock merged commit 590dce5 into kyverno:main Jul 28, 2023

gcp-cherry-pick-bot bot mentioned this pull request Jul 28, 2023

fix(chart): only create ServiceMonitor if cluster supports it (cherry-pick #7926) #7931

Merged

eddycharly added the cherry-pick-completed The PR was cherry-picked (or merged) to required release branches label Sep 27, 2023

stieglma mentioned this pull request Nov 13, 2023

[Bug] Servicemonitor cannot be created through ArgoCD when using the helm-chart #8891

Closed

2 tasks

gcp-cherry-pick-bot bot mentioned this pull request Nov 16, 2023

Revert "fix(chart): only create ServiceMonitor if cluster supports it (#7926) (cherry-pick #8913) #8931

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

fix(chart): only create ServiceMonitor if cluster supports it #7926

fix(chart): only create ServiceMonitor if cluster supports it #7926

Uh oh!

nobbs commented Jul 27, 2023 •

edited

Loading

Uh oh!

welcome bot commented Jul 27, 2023

Uh oh!

treydock commented Jul 27, 2023

Uh oh!

nobbs commented Jul 27, 2023

Uh oh!

treydock commented Jul 27, 2023

Uh oh!

treydock commented Jul 27, 2023

Uh oh!

codecov bot commented Jul 27, 2023 •

edited

Loading

Uh oh!

realshuting commented Jul 28, 2023

Uh oh!

realshuting commented Jul 28, 2023

Uh oh!

treydock commented Jul 28, 2023

Uh oh!

welcome bot commented Jul 28, 2023

Uh oh!

Uh oh!

fix(chart): only create ServiceMonitor if cluster supports it #7926

fix(chart): only create ServiceMonitor if cluster supports it #7926

Uh oh!

Conversation

nobbs commented Jul 27, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Explanation

Related issue

Milestone of this PR

Checklist

Further Comments

Uh oh!

welcome bot commented Jul 27, 2023

Uh oh!

treydock commented Jul 27, 2023

Uh oh!

nobbs commented Jul 27, 2023

Uh oh!

treydock commented Jul 27, 2023

Uh oh!

treydock commented Jul 27, 2023

Uh oh!

codecov bot commented Jul 27, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

realshuting commented Jul 28, 2023

Uh oh!

realshuting commented Jul 28, 2023

Uh oh!

treydock commented Jul 28, 2023

Uh oh!

welcome bot commented Jul 28, 2023

Congratulations! 🎉

Uh oh!

Uh oh!

nobbs commented Jul 27, 2023 •

edited

Loading

codecov bot commented Jul 27, 2023 •

edited

Loading