shuting
shuting
### Problem Statement Currently there's no automated test for the Kyverno upgrade. This is critical for Kyverno's stability upon new releases. All existing conformance tests target a single policy and...
### Problem Statement With the latest main (post 1.12.0), the admission review latency when applying mutate policies increases if more mutate policies are installed in the cluster. The following results...
### Problem Statement In kubernetes 1.30, there are multiple changes related to the pod security context and we need to investigate and adopt any change for the pod security rule,...
### Kyverno Version 1.12.0 ### Description With this [CI run](https://github.com/kyverno/kyverno/actions/runs/8700841326?pr=10048) for example, there are two tests failed `default - kyverno-pss - 10 vus - 200 iterations` and `stress - kyverno-pss...
### Description See https://github.com/kyverno/kyverno/pull/10036: [--continue-on-fail: If set to true, will continue to apply policies on the next resource upon failure to apply to the current resource instead of exiting out](https://github.com/kyverno/kyverno/pull/10036/files#diff-33d0dcfa468c7403ef81cc0ceef1a217b401f713b63dcb876254ef3ef11e067fR125)...
## Explanation This PR adds the linter https://github.com/alexkohler/prealloc to enforce slice definition best pracitices. ## Related issue ## Milestone of this PR ## Documentation (required for features) My PR contains...
## Explanation This PR adds a cleanup cronjob to remove urs, the threshold is set to 10000 by default which can be configured via Helm. ## Related issue Closes https://github.com/kyverno/kyverno/issues/10244....
### Problem Statement We are seeing an issue that URs get piled up in the cluster for different reasons. While we are working on fixing root causes, it would be...
Cherry-pick #10382.
### Kyverno Version 1.12.0 ### Description For temporary resources such as updaterequests and ephemeralreports that are used to apply policies, they could potentially overload the etcd/API-server if the background or...