github/capsule
1
0
Fork 0
mirror of https://github.com/projectcapsule/capsule.git synced 2026-05-06 01:16:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,060 Commits 25 Branches 103 Tags
6184ff04997d9d6a9d927bb25d3823c84e1bc5b7
Commit Graph

159 Commits

Author SHA1 Message Date
Dario Tranchitella
3f5bc4a885 chore(style): golangci-lint required changes (#1173) 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-08-25 19:51:06 +02:00
Dario Tranchitella
a49c57bb5b feat: runtimeclass default support (#1165) 
* fix(makefile): no need specifying ginkgo version

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

* fix(chore): referring to make using shortcut

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

* feat: default runtimeclass webhook

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

* feat(helm): default runtimeclass spec

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

---------

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-08-20 10:50:26 +02:00
Oliver Bähler
d620b0457d Merge commit from fork 
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2024-08-20 10:19:14 +02:00
Oliver Bähler
9ebbbed785 feat(helm): introduce new installation and CRD lifecycle (#1065) 
* chore: name change for webhook names

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: remove apidocs

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(helm): implement crd lifecycle and values consistency

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore: change default group name

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2024-06-12 19:36:01 +02:00
lukasboettcher
5efb4fbfcf feat(metrics): provide metrics for tenant quotas (#1094) 
Signed-off-by: Lukas Boettcher <1340215+lukasboettcher@users.noreply.github.com>
 2024-05-27 16:38:25 +02:00
Oliver Bähler
4afcfbbb27 fix(controller): use ownerreferences without controller owner relation (#1095) 
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2024-05-27 14:33:34 +02:00
Oliver Bähler
82995a3e66 fix(controller): change managed network policy label check (#1062) 
* fix(controller): change managed network policy label check

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* fix(controller): change managed network policy label check

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2024-05-27 10:33:46 +02:00
dependabot[bot]
00b59fa843 feat(deps): bump sigs.k8s.io/controller-runtime from 0.17.3 to 0.18.0 (#1061) 
* feat(deps): update kubernetes components to 1.30

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* ci(deps): update kubernetes components to 1.30

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore(makefile): update binaries and improve building

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* feat(deps): remove multierror dependency

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

* chore(ci): use go.mod as go version

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

---------

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
Co-authored-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2024-05-03 14:48:45 +02:00
Oliver Bähler
e418f74e34 fix(controller): ensure iteration on capsule ownerreferences (#1059) 
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2024-05-02 11:55:51 +02:00
Oliver Bähler
e16202f3cf feat(go): bump relevant components to 1.21 (#987) 
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2024-02-20 16:15:43 +01:00
Oliver Bähler
c58b46cedf feat(tenant): add label with tenant name for each tenant 
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2023-11-29 07:24:27 +01:00
Dario Tranchitella
0241603f2b feat!: deprecating v1alpha1 api 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2023-11-26 17:16:33 +01:00
Siarhei Rasiukevich
b27780d74c feat(manager): add forbidden annotations, forbidden labels to service options 
Signed-off-by: Siarhei Rasiukevich <s.rasiukevich@gmail.com>
 2023-11-24 12:30:59 +01:00
Dario Tranchitella
e61152a484 feat(api): additional metadata for pods 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
Co-authored-by: Giuseppe Chiesa <mail@giuseppechiesa.it>
 2023-11-24 11:10:42 +01:00
Dario Tranchitella
25b4a35b65 feat(ux): namespace oncrete hook to check namespace exsistence 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2023-11-09 15:48:04 +01:00
Oliver Bähler
cde44ba14e fix(controller): copy ownerreference from oldNs on namespace UPDATE admission requests 
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2023-11-09 13:59:21 +01:00
Dario Tranchitella
364332c380 deps(controller-runtime): upgrading to v0.16.3 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2023-10-24 10:00:46 +02:00
Dario Tranchitella
0830b3629e chore(header): moving to new neutral organization 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2023-10-16 21:29:23 +02:00
Dario Tranchitella
d7a48d771f refactor: moving to new neutral organization 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2023-10-16 21:29:23 +02:00
Dario Tranchitella
057b9c1411 fix(ingress): always deny empty hostnames 2023-09-05 15:31:47 +02:00
Max Fedotov
51b23d16dc fix: incorrect capsule label comparison in PVC webhook 2023-06-27 19:10:03 +02:00
Dario Tranchitella
272d6f61c5 feat: detecting group discovery error for indexers 2023-05-25 14:36:48 +02:00
Dario Tranchitella
809fa11741 refactor(golint): removing deprecated functions 2023-05-25 14:36:48 +02:00
Dario Tranchitella
5457df7e96 refactor(deps): updating to controller-runtime 0.15.0 2023-05-25 14:36:48 +02:00
Dario Tranchitella
a94123db89 fix: enforcing namespace for default mutators 2023-03-28 12:57:17 +02:00
Dario Tranchitella
65d5b24896 feat: blocking replicated resources write ops by tenant owners 2023-03-28 12:56:58 +02:00
Sagar Jadhav
78b0c32056 fix: users can patch namespaces not managed by capsule 
Signed-off-by: Sagar Jadhav <sagarj2@vmware.com>
 2023-03-23 16:19:25 +01:00
Dario Tranchitella
89348c9499 chore(golangci-lint): updating to latest version and code alignement 2023-03-02 15:32:47 +01:00
Dario Tranchitella
da78423f42 fix: preventing index out of range when sa is impersonating 2023-03-02 15:32:47 +01:00
Dario Tranchitella
ea88b102e5 feat: pv labelling and preventing cross-tenant mount 2023-01-26 09:31:16 +01:00
Oliver Bähler
ab0fe91c58 feat: add defaults handler 
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2023-01-14 15:51:01 +01:00
Dario Tranchitella
f73a5b17f4 fix: using embedded struct for selector 2022-12-29 17:49:45 +01:00
Oliver Bähler
628efbb30f fix: validate pods on update 
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
 2022-12-29 17:49:45 +01:00
Oliver Bähler
79391f863a feat: add runtimeclass control 
Signed-off-by: Oliver Baehler <oliver.baehler@hotmail.com>
 2022-12-28 15:01:28 +01:00
Dario Tranchitella
e964f34086 fix: avoiding nil pointer when empty map for labels and annotations 2022-12-27 17:53:17 +01:00
Dario Tranchitella
93fbca9b18 feat(api): label selector for storage, ingress, podpriority classes 2022-12-27 17:53:17 +01:00
Dario Tranchitella
43bd2491ae refactor(api): switching to v1beta2 as storage version 2022-12-27 17:53:17 +01:00
Dario Tranchitella
6a380b00ad style: kubebuilder annotations start with empty space 2022-12-26 14:27:26 +01:00
Dario Tranchitella
503e3fc1d0 feat: globaltenantresource and tenantresource reconciliation 2022-12-26 14:27:26 +01:00
Dario Tranchitella
360a8d2b56 refactor: using interfaces for accessing tenant namespaces 2022-12-26 14:27:26 +01:00
Dario Tranchitella
4835b94839 style: conforming go files headers 2022-12-26 14:27:26 +01:00
Dario Tranchitella
cf52924870 refactor: abstracting types used by several api versions 2022-12-26 14:27:26 +01:00
Dario Tranchitella
1087ea853b fix: inverted logic in forbidden user namespace metadata 2022-12-23 15:34:28 +01:00
Dario Tranchitella
75525ac192 fix: preventing serviceaccount privilege escalation 2022-12-02 15:19:06 +01:00
Dario Tranchitella
098a74b565 refactor(capsuleconfiguration): allowing to skip tls reconciler 2022-07-26 17:48:58 +02:00
Dario Tranchitella
d84f0be76b fix: tenant owners cannot replace protected namesapce labels or annotations 2022-07-22 19:29:27 +00:00
Oliver Bähler
cac2920827 feat: grant global patch privileges and add patch handler 2022-06-09 18:32:39 +00:00
Maksim Fedotov
f1dc028649 feat: generate TLS certificates before starting controllers 2022-06-08 11:12:35 +00:00
Maksim Fedotov
82b58d7d53 feat: refactor capsule TLS certificates management 2022-06-08 11:12:35 +00:00
Maksim Fedotov
3c9228d1aa fix: protectedHandler OnDelete get tenant using client 2022-05-18 18:06:10 +02:00