Skip to content

Commit c37b5ca

Browse files
jzeng4Junyuan Zeng
jzeng4
authored and
Junyuan Zeng
committed
chore: regenerate CRDs, helm charts, and docs for SubjectExpression field
1 parent 6581e2f commit c37b5ca

7 files changed

Lines changed: 285 additions & 1 deletion

charts/kyverno-api/templates/crds/policies.kyverno.io_imagevalidatingpolicies.yaml

Lines changed: 48 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -219,6 +219,9 @@ spec:
219219
log.
220220
Issuer/Subject uses a strict match, while IssuerRegExp and SubjectRegExp
221221
apply a regexp for matching.
222+
For a dynamic subject, use SubjectExpression which accepts a CEL expression
223+
evaluated at admission time. The result is used as a regexp match against the
224+
certificate SAN URI, so it can be either a literal string or a regexp pattern.
222225
properties:
223226
issuer:
224227
description: Issuer defines the issuer for this
@@ -232,6 +235,11 @@ spec:
232235
description: Subject defines the subject for this
233236
identity.
234237
type: string
238+
subjectExpression:
239+
description: |-
240+
SubjectExpression defines a CEL expression that evaluates to the subject string,
241+
matched as a regexp against the certificate SAN URI. Mutually exclusive with SubjectRegExp.
242+
type: string
235243
subjectRegExp:
236244
description: SubjectRegExp specifies a regular
237245
expression to match the subject for this identity.
@@ -1293,6 +1301,9 @@ spec:
12931301
log.
12941302
Issuer/Subject uses a strict match, while IssuerRegExp and SubjectRegExp
12951303
apply a regexp for matching.
1304+
For a dynamic subject, use SubjectExpression which accepts a CEL expression
1305+
evaluated at admission time. The result is used as a regexp match against the
1306+
certificate SAN URI, so it can be either a literal string or a regexp pattern.
12961307
properties:
12971308
issuer:
12981309
description: Issuer defines the
@@ -1307,6 +1318,11 @@ spec:
13071318
description: Subject defines the
13081319
subject for this identity.
13091320
type: string
1321+
subjectExpression:
1322+
description: |-
1323+
SubjectExpression defines a CEL expression that evaluates to the subject string,
1324+
matched as a regexp against the certificate SAN URI. Mutually exclusive with SubjectRegExp.
1325+
type: string
13101326
subjectRegExp:
13111327
description: SubjectRegExp specifies
13121328
a regular expression to match
@@ -2514,6 +2530,9 @@ spec:
25142530
log.
25152531
Issuer/Subject uses a strict match, while IssuerRegExp and SubjectRegExp
25162532
apply a regexp for matching.
2533+
For a dynamic subject, use SubjectExpression which accepts a CEL expression
2534+
evaluated at admission time. The result is used as a regexp match against the
2535+
certificate SAN URI, so it can be either a literal string or a regexp pattern.
25172536
properties:
25182537
issuer:
25192538
description: Issuer defines the issuer for this
@@ -2527,6 +2546,11 @@ spec:
25272546
description: Subject defines the subject for this
25282547
identity.
25292548
type: string
2549+
subjectExpression:
2550+
description: |-
2551+
SubjectExpression defines a CEL expression that evaluates to the subject string,
2552+
matched as a regexp against the certificate SAN URI. Mutually exclusive with SubjectRegExp.
2553+
type: string
25302554
subjectRegExp:
25312555
description: SubjectRegExp specifies a regular
25322556
expression to match the subject for this identity.
@@ -3588,6 +3612,9 @@ spec:
35883612
log.
35893613
Issuer/Subject uses a strict match, while IssuerRegExp and SubjectRegExp
35903614
apply a regexp for matching.
3615+
For a dynamic subject, use SubjectExpression which accepts a CEL expression
3616+
evaluated at admission time. The result is used as a regexp match against the
3617+
certificate SAN URI, so it can be either a literal string or a regexp pattern.
35913618
properties:
35923619
issuer:
35933620
description: Issuer defines the
@@ -3602,6 +3629,11 @@ spec:
36023629
description: Subject defines the
36033630
subject for this identity.
36043631
type: string
3632+
subjectExpression:
3633+
description: |-
3634+
SubjectExpression defines a CEL expression that evaluates to the subject string,
3635+
matched as a regexp against the certificate SAN URI. Mutually exclusive with SubjectRegExp.
3636+
type: string
36053637
subjectRegExp:
36063638
description: SubjectRegExp specifies
36073639
a regular expression to match
@@ -4808,6 +4840,9 @@ spec:
48084840
log.
48094841
Issuer/Subject uses a strict match, while IssuerRegExp and SubjectRegExp
48104842
apply a regexp for matching.
4843+
For a dynamic subject, use SubjectExpression which accepts a CEL expression
4844+
evaluated at admission time. The result is used as a regexp match against the
4845+
certificate SAN URI, so it can be either a literal string or a regexp pattern.
48114846
properties:
48124847
issuer:
48134848
description: Issuer defines the issuer for this
@@ -4821,6 +4856,11 @@ spec:
48214856
description: Subject defines the subject for this
48224857
identity.
48234858
type: string
4859+
subjectExpression:
4860+
description: |-
4861+
SubjectExpression defines a CEL expression that evaluates to the subject string,
4862+
matched as a regexp against the certificate SAN URI. Mutually exclusive with SubjectRegExp.
4863+
type: string
48244864
subjectRegExp:
48254865
description: SubjectRegExp specifies a regular
48264866
expression to match the subject for this identity.
@@ -5882,6 +5922,9 @@ spec:
58825922
log.
58835923
Issuer/Subject uses a strict match, while IssuerRegExp and SubjectRegExp
58845924
apply a regexp for matching.
5925+
For a dynamic subject, use SubjectExpression which accepts a CEL expression
5926+
evaluated at admission time. The result is used as a regexp match against the
5927+
certificate SAN URI, so it can be either a literal string or a regexp pattern.
58855928
properties:
58865929
issuer:
58875930
description: Issuer defines the
@@ -5896,6 +5939,11 @@ spec:
58965939
description: Subject defines the
58975940
subject for this identity.
58985941
type: string
5942+
subjectExpression:
5943+
description: |-
5944+
SubjectExpression defines a CEL expression that evaluates to the subject string,
5945+
matched as a regexp against the certificate SAN URI. Mutually exclusive with SubjectRegExp.
5946+
type: string
58995947
subjectRegExp:
59005948
description: SubjectRegExp specifies
59015949
a regular expression to match

charts/kyverno-api/templates/crds/policies.kyverno.io_namespacedimagevalidatingpolicies.yaml

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -219,6 +219,9 @@ spec:
219219
log.
220220
Issuer/Subject uses a strict match, while IssuerRegExp and SubjectRegExp
221221
apply a regexp for matching.
222+
For a dynamic subject, use SubjectExpression which accepts a CEL expression
223+
evaluated at admission time. The result is used as a regexp match against the
224+
certificate SAN URI, so it can be either a literal string or a regexp pattern.
222225
properties:
223226
issuer:
224227
description: Issuer defines the issuer for this
@@ -232,6 +235,11 @@ spec:
232235
description: Subject defines the subject for this
233236
identity.
234237
type: string
238+
subjectExpression:
239+
description: |-
240+
SubjectExpression defines a CEL expression that evaluates to the subject string,
241+
matched as a regexp against the certificate SAN URI. Mutually exclusive with SubjectRegExp.
242+
type: string
235243
subjectRegExp:
236244
description: SubjectRegExp specifies a regular
237245
expression to match the subject for this identity.
@@ -1293,6 +1301,9 @@ spec:
12931301
log.
12941302
Issuer/Subject uses a strict match, while IssuerRegExp and SubjectRegExp
12951303
apply a regexp for matching.
1304+
For a dynamic subject, use SubjectExpression which accepts a CEL expression
1305+
evaluated at admission time. The result is used as a regexp match against the
1306+
certificate SAN URI, so it can be either a literal string or a regexp pattern.
12961307
properties:
12971308
issuer:
12981309
description: Issuer defines the
@@ -1307,6 +1318,11 @@ spec:
13071318
description: Subject defines the
13081319
subject for this identity.
13091320
type: string
1321+
subjectExpression:
1322+
description: |-
1323+
SubjectExpression defines a CEL expression that evaluates to the subject string,
1324+
matched as a regexp against the certificate SAN URI. Mutually exclusive with SubjectRegExp.
1325+
type: string
13101326
subjectRegExp:
13111327
description: SubjectRegExp specifies
13121328
a regular expression to match
@@ -2513,6 +2529,9 @@ spec:
25132529
log.
25142530
Issuer/Subject uses a strict match, while IssuerRegExp and SubjectRegExp
25152531
apply a regexp for matching.
2532+
For a dynamic subject, use SubjectExpression which accepts a CEL expression
2533+
evaluated at admission time. The result is used as a regexp match against the
2534+
certificate SAN URI, so it can be either a literal string or a regexp pattern.
25162535
properties:
25172536
issuer:
25182537
description: Issuer defines the issuer for this
@@ -2526,6 +2545,11 @@ spec:
25262545
description: Subject defines the subject for this
25272546
identity.
25282547
type: string
2548+
subjectExpression:
2549+
description: |-
2550+
SubjectExpression defines a CEL expression that evaluates to the subject string,
2551+
matched as a regexp against the certificate SAN URI. Mutually exclusive with SubjectRegExp.
2552+
type: string
25292553
subjectRegExp:
25302554
description: SubjectRegExp specifies a regular
25312555
expression to match the subject for this identity.
@@ -3587,6 +3611,9 @@ spec:
35873611
log.
35883612
Issuer/Subject uses a strict match, while IssuerRegExp and SubjectRegExp
35893613
apply a regexp for matching.
3614+
For a dynamic subject, use SubjectExpression which accepts a CEL expression
3615+
evaluated at admission time. The result is used as a regexp match against the
3616+
certificate SAN URI, so it can be either a literal string or a regexp pattern.
35903617
properties:
35913618
issuer:
35923619
description: Issuer defines the
@@ -3601,6 +3628,11 @@ spec:
36013628
description: Subject defines the
36023629
subject for this identity.
36033630
type: string
3631+
subjectExpression:
3632+
description: |-
3633+
SubjectExpression defines a CEL expression that evaluates to the subject string,
3634+
matched as a regexp against the certificate SAN URI. Mutually exclusive with SubjectRegExp.
3635+
type: string
36043636
subjectRegExp:
36053637
description: SubjectRegExp specifies
36063638
a regular expression to match

0 commit comments

Comments
 (0)