github/capsule
1
0
Fork 0
mirror of https://github.com/projectcapsule/capsule.git synced 2026-02-14 18:09:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,562 Commits 22 Branches 103 Tags
main
Commit Graph

16 Commits

Author SHA1 Message Date
Oliver Bähler
0abc77b56a feat: diverse performance improvements (#1861) 
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2026-02-03 22:05:00 +01:00
Oliver Bähler
a6b830b1af feat: add ruleset api(#1844) 
* fix(controller): decode old object for delete requests

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: modernize golang

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: modernize golang

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: modernize golang

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* fix(config): remove usergroups default

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* fix(config): remove usergroups default

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* sec(ghsa-2ww6-hf35-mfjm): intercept namespace subresource

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(api): add rulestatus api

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: conflicts

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: conflicts

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: conflicts

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: conflicts

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: conflicts

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: conflicts

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: conflicts

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: conflicts

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: conflicts

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: conflicts

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: conflicts

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(api): add rulestatus api

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(api): add rulestatus api

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(api): add rulestatus api

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(api): add rulestatus api

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(api): add rulestatus api

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(api): add rulestatus api

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2026-01-27 14:28:48 +01:00
renovate[bot]
eb8d2b6076 chore(deps): update dependency golangci/golangci-lint to v2.8.0 (#1823) 
* chore(deps): update dependency golangci/golangci-lint to v2.8.0

* chore(deps): update dependency golangci/golangci-lint to v2.8.0

Signed-off-by: Hristo Hristov <me@hhristov.info>

* chore(deps): update dependency golangci/golangci-lint to v2.8.0

Signed-off-by: Hristo Hristov <me@hhristov.info>

* chore(deps): update dependency golangci/golangci-lint to v2.8.0

Signed-off-by: Hristo Hristov <me@hhristov.info>

---------

Signed-off-by: Hristo Hristov <me@hhristov.info>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Hristo Hristov <me@hhristov.info>
 2026-01-08 15:43:32 +02:00
Oliver Bähler
730151cb44 feat: add dynamic capsule user evaluation (#1811) 
* chore: improve dev targets

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(controller): implement deterministic rolebinding reflection

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(controller): capsule users are determined from configuration status

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(tenantowners): added agreggate option - tenantowners are always considered capsule users

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(tenantowner): add implicit aggregation for tenants

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: remove helm flags

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* fix(config): remove usergroups default

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-12-31 11:37:30 +01:00
Oliver Bähler
584d372521 feat(config): add combined users property as successor for usergroups (#1767) 
* feat(config): add combined users property as successor for usergroups and usernames configuration

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* fix(crds): add proper deprecation notices on properties and via admission warnings

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: add local monitoring environment

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-12-04 12:18:07 +01:00
Hristo Hristov
dd39e1a6d5 feat(dra): support dra device classes (#1759) 
* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

* feat(dra): support dra device classes

Signed-off-by: Hristo Hristov <me@hhristov.info>

---------

Signed-off-by: Hristo Hristov <me@hhristov.info>
 2025-12-04 09:57:45 +02:00
Oliver Bähler
d812a0c722 feat(tenant): add dedicated tenantowner crd (#1764) 
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-12-02 15:21:46 +01:00
Oliver Bähler
a270d6797a fix(admission): consistently inspect ownerreferences for namespace validations (#1758) 
* fix(admission): consistently inspect ownerreferences for namespace validations

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore(ci): add internal changes as e2e trigger

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-11-27 14:46:34 +01:00
Oliver Bähler
6e8405d5f0 feat: refactor core webhooks (#1756) 
* feat(webhook): add watchdog webhook to core

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* fix(controller): ensure managed metadata for namespaces on update

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore(controller): refactor core webhooks to generics

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: fix helm plugin installation

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: rename webhook to tenant-label

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-11-26 15:27:41 +01:00
Oliver Bähler
7e7d9d02c6 feat(config): administrators get delete privileges for tenant namespaces (#1749) 
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-11-20 18:33:08 +01:00
Oliver Bähler
581a8fe60e feat(controller): administration persona (#1739) 
* chore(refactor): project and api refactoring

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore(refactor): project and api refactoring

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-11-18 16:27:16 +01:00
Oliver Bähler
634ed49694 feat(controller): add controllwr concurrency (#1722) 
* feat(controllers): add concurrency

* feat(controller): add workers flag

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore(deps): update actions/upload-artifact action to v5 (#1721)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore(deps): update github/codeql-action action to v4.31.0 (#1720)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: satisfy linter

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: use serviceaccount parsing

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* fix(deps): update module github.com/onsi/ginkgo/v2 to v2.27.1 (#1714)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore(deps): update github/codeql-action digest to ae78991 (#1719)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: use serviceaccount parsing

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: use serviceaccount parsing

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-10-26 14:32:35 +01:00
Oliver Bähler
5ac0f83c5a feat(controller): refactor namespace core loop and state management (#1680) 
* feat(controller): allow owners to promote serviceaccounts within tenant as owners

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(controller): refactor status handling for tenants and owned namespaces (including metrics)

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-10-06 08:19:26 +02:00
Oliver Bähler
9fa1abac65 feat(controller): allow owners to promote serviceaccounts within tenant as owners (#1626) 
* feat(controller): allow owners to promote serviceaccounts within tenant as owners

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: remove harpoon

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-09-11 23:12:45 +02:00
Oliver Bähler
3682283352 chore: add license headers (#1504) 
* chore: add nwa

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: update helm-schema version

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: update helm-schema version

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-06-13 07:31:04 +02:00
Oliver Bähler
c7237f802b feat(api): add resourcepools and claims (#1333) 
* feat: functional appsets

* feat(api): add resourcepools api

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: fix gomod

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: correct webhooks

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: fix harpoon image

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: improve e2e

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: add labels to e2e test

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: fix status handling

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: fix racing conditions

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: make values compatible

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: fix custom resources test

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: correct metrics

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2025-05-22 09:07:13 +02:00