kyverno/kyverno: Kubernetes Native Policy Management

3663

STARS

WATCHERS

545

FORKS

311

ISSUES

kyverno's Language Statistics

kyverno's Other Repos

kyverno/policies: Kyverno policies for security and best practices

Last Updated: 2023-03-17
kyverno/website: User docs and sample policies: https://kyverno.io

Last Updated: 2022-05-13
kyverno/grafana-dashboard:

Last Updated: 2022-01-09
kyverno/policy-reporter-ui: Policy Reporter UI

Last Updated: 2022-05-13
kyverno/policy-reporter-kyverno-plugin: Policy Reporter Kyverno Plugin

Last Updated: 2022-05-13
kyverno/tag-security: 🔐CNCF Special Interest Group on Security -- secure access, policy control, privacy, auditing, explainability and more!

Last Updated: 2022-05-28
kyverno/go-jmespath: Golang implementation of JMESPath.

Last Updated: 2022-05-13
kyverno/pre-commit-hook:

Last Updated: 2022-01-09
kyverno/artwork: Logos, banners, etc.

Last Updated: 2022-05-24
kyverno/policy-reporter: Monitoring and Observability Tool for the PolicyReport CRD with an optional UI.

Last Updated: 2023-03-18
kyverno/kyverno: Kubernetes Native Policy Management

Last Updated: 2023-03-26
kyverno/json-patch: A Go library to apply RFC6902 patches and create and apply RFC7386 patches

Last Updated: 2022-05-13

Star history of kyverno

Issue history of kyverno

kyverno Recent Issues

Issue Title	State	Comments	Created Date	Updated Date	Closed Date
[Bug] Policy exception not considered for manifest verification	open	0	2023-03-26	2023-03-19	-
[Bug] verifyImages wrongly claims image is not signed	open	7	2023-03-24	2023-03-19	-
[Bug] Background controller permission checks inaccurate	open	1	2023-03-24	2023-03-19	-
[Feature] Exit CLI with non-zero code if no objects pass a policy	open	1	2023-03-24	2023-03-19	-
[Bug] UNAUTHORIZED: unauthorized to access repository error in verify image policy	open	2	2023-03-24	2023-03-19	-
Could Policyreports be generated for the new PolicyException resources	closed	6	2023-03-23	2023-03-19	2023-03-24
[Feature] Add kuttl tests for background only policies	open	7	2023-03-23	2023-03-19	-
[Bug] Argo CD in lab not support tracing	open	1	2023-03-23	2023-03-19	-
[Feature] Need an AdmissionReports activation per policy	open	1	2023-03-23	2023-03-19	-
[Chore] Bump to Go 1.20	open	1	2023-03-23	2023-03-19	-
[Feature] Resource Filters but for include	open	3	2023-03-22	2023-03-19	-
[Bug] Image detail is missing in resource blocked event generated for image verification policy	open	7	2023-03-21	2023-03-19	-
[Bug] [CLI] Test suite fails on upgrade to v1.8.x from v1.7.x	closed	3	2023-03-21	2023-03-19	2023-03-22
[Bug-Image] OpenShift 'oc new-app' command fails due to empty 'image' field in deployment object	open	2	2023-03-19	2023-03-19	-
[Bug] Pod Security validation does not meet expectations	open	2	2023-03-19	2023-03-19	-
[Enhancement] Implicitly ignore DELETE operations for all rule types and configs	open	3	2023-03-17	2023-03-19	-
[Feature] Support go-getter addresses in kyverno-cli	open	3	2023-03-16	2023-03-19	-
[Test] New kuttl test for the background policy	open	5	2023-03-16	2023-03-19	-
[Feature] Set the generate policy to not ready if it has spec.generateExistingOnPolicyUpdate	closed	1	2023-03-16	2023-03-19	2023-03-23
Schema validation should validate the target resource rather than the trigger for the mutateExisting type of policy	closed	3	2023-03-16	2023-03-19	2023-03-17
Validate has targets	open	0	2023-03-16	2023-03-19	-
[Bug-Image] Variables from container images - failed to add image variables to context, invalid image	open	3	2023-03-15	2023-03-19	-
[Enhancement] Assess permissions and warn if not present for generate or mutate existing policies	open	0	2023-03-15	2023-03-20	-
[Feature] Investigate if we can remove permission checks for generation	closed	2	2023-03-15	2023-03-20	2023-03-17
[Bug] RayCluster kind fails validation	closed	4	2023-03-15	2023-03-20	2023-03-16
[Enhancement] Bring back YAML install manifest on `main` branch	closed	0	2023-03-14	2023-03-20	2023-03-15
[Bug] Failed to create Pod by policy	closed	2	2023-03-14	2023-03-20	2023-03-15
[Bug] Kyverno takes too long to get into a ready state	open	9	2023-03-13	2023-03-20	-
[Bug] Webhooks are removed when Kyverno deployment scaled to zero	open	4	2023-03-13	2023-03-20	-
[Bug] Kyverno panics when policy created with incorrect schema	open	4	2023-03-13	2023-03-20	-
[Bug] Webhook Controller Endless Loop	closed	37	2023-03-10	2023-03-20	2023-03-15
[Enhancement] Emergency circuit breaking for admission report flooding	open	0	2023-03-10	2023-03-20	-
[Tests] kuttl generate tests for Namespaced Policy	open	2	2023-03-10	2023-03-20	-
[Bug] install 1.6.3 crds got validate error	closed	2	2023-03-10	2023-03-20	2023-03-10
[Bug] No permission to create Secrets in kyverno-background-controller	closed	2	2023-03-09	2023-03-20	2023-03-15
[Bug] VerifyImage in Audit mode doesn't correctly verify the image signature	open	3	2023-03-09	2023-03-20	-
[Bug] Policy Report not being created with verifyImages rule and KMS	open	24	2023-03-09	2023-03-20	-
[Bug] Generate existing in Namespaced Policy triggered by resource in different Namespace	closed	5	2023-03-09	2023-03-20	2023-03-10
[Bug] Match rules does not work on kube-system namespace	closed	3	2023-03-09	2023-03-11	2023-03-09
[Feature] Support webhook rules configuration for auto-updating webhook mode	open	2	2023-03-09	2023-03-12	-
[Feature] Delete generated resource when the trigger no longer matches the sync rule	closed	0	2023-03-08	2023-03-12	2023-03-10
[Bug] PolicyReportResult on podSecurity rule contains duplicates of violated controls and validation messages	open	0	2023-03-07	2023-03-12	-
Add trademark disclosure	open	6	2023-03-05	2023-03-01	-
[Bug] kyverno-resource-validating-webhook-cfg is not compliant with https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#avoiding-operating-on-the-kube-system-namespace	closed	2	2023-03-05	2023-03-12	2023-03-05
[Bug] License scan found issues	open	3	2023-03-05	2023-03-12	-
Set tokens to read-only	open	2	2023-03-04	2023-03-01	-
Enable signed release tracking	open	2	2023-03-04	2023-03-12	-
Enable SBOM tracking	closed	1	2023-03-04	2023-03-01	2023-03-05
Add Artifact Hub Badge	open	1	2023-03-04	2023-03-01	-
Add license scanning	closed	6	2023-03-04	2023-03-01	2023-03-05