Vivek Kumar Sahu

icon indicating a website link https://viveksahu26.github.io/ icon indicating an email [email protected]

icon company @interlynk-io icon location Indore icon location :heart: open source | Working on Software Supply Chain Security @interlynk-io | Ex-Contributor @kyverno | Golang

Results 50 issues of Vivek Kumar Sahu

Support `matchExpression` for selecting resources in policy

10 comment

## Feature Request **Short Description** Currently, KubeArmor policies selects resource on the basis of `matchLabels`. On a large scale deployment selecting resources with `matchLabels` won't help. To filter resources in...

enhancement
help wanted

Remove unwanted KubeArmor service running in kube-system namespace

17 comment

## Feature Request **Short Description** Remove KubeArmor services running in kube-system namespace. **Is your feature request related to a problem? Please describe the use case.** Basically, these are auto-generated services...

enhancement

Treat normal and precondition variable equally

17 comment

## Explanation Currently, the value for any variable present in the precondition block is assigned as empty string(" ") when value for the corresponding variable is not present, whereas value...

To support gitURLs for "apply" command

10 comment

## Explanation This PR adds support for `apply` command to apply policies from gitURLs on cluster resources. ## Related issue Closes https://github.com/kyverno/kyverno/issues/3822 ## Milestone of this PR /milestone 1.9.0 ##...

milestone 1.9.0

[Feature] In absence of Equality Anchor key in resource will Skip resource instead of Pass

37 comment

### Problem Statement The Kyverno policies containing [Equality Anchor](https://kyverno.io/docs/writing-policies/validate/#anchors) `pass` the resource if anchor Key is not present in the resource. Few places such as: https://github.com/kyverno/policies/blob/41a0121f71e24c3d6c0030e5d48ed290430e297f/nginx-ingress/nginx-custom-snippets/kyverno-test.yaml#L26 https://github.com/kyverno/policies/blob/41a0121f71e24c3d6c0030e5d48ed290430e297f/openshift/disallow-self-provisioner-binding/kyverno-test.yaml#L12 https://github.com/kyverno/policies/blob/main/other/disallow_all_secrets/kyverno-test.yaml and there...

enhancement
validation

[crane] missing spec

### Sanity checks - [X] My issue relates to a specific CLI completion spec (e.g. `git checkout` is missing options in `git` completion spec). If your issue is more general,...

NEED_TO_LABEL

parse the rekor bundle correctly

6 comment

#### Summary This PR fixes the bugs while attaching the `rekor-bundle` into an image. Closes #3458 #### Release Note Bug fixes and fixes of previous known issues #### Documentation -...

`cosign attach` command couldn't attach the `rekor-bundle` to an image

6 comment

**Description** Basically when we sign the Image using `Cosign` signing tool, then by default, it adds the `rekor-bundle` to an image in form of annotation as a value of a...

bug

show a DIGEST of an image while pushing to registry

**Description** Normally on pushing an image to the docker hub, it shows an image DIGEST of that image. ``` sudo docker push viveksahu26/hi:v1 The push refers to repository [docker.io/viveksahu26/hi] 1d5f5c892f24:...

enhancement

CII OpenSSF best-practice badge

1 comment

**Description of the feature request:** [CII Best practice](https://www.bestpractices.dev/en) is a badge that checks whether projects has this badge or not. This badge primarily focussed on security best practices implemented in...

enhancement