kyverno/pkg/engine/generation.go

package engine

import (
	"fmt"

	kubepolicy "github.com/nirmata/kube-policy/pkg/apis/policy/v1alpha1"
	"github.com/nirmata/kube-policy/pkg/engine/mutation"
)

// TODO: To be reworked due to spec policy-v2

// Applies "configMapGenerator" and "secretGenerator" described in PolicyRule
func applyRuleGenerators(rawResource []byte, rule kubepolicy.Rule) error {
	kind := mutation.ParseKindFromObject(rawResource)

	// configMapGenerator and secretGenerator can be applied only to namespaces
	if kind == "Namespace" {
		namespaceName := mutation.ParseNameFromObject(rawResource)

		err := applyConfigGenerator(rule.Generation, namespaceName, "ConfigMap")
		if err == nil {
			err = applyConfigGenerator(rule.Generation, namespaceName, "Secret")
		}
		return err
	}
	return nil
}

// Creates resourceKind (ConfigMap or Secret) with parameters specified in generator in cluster specified in request.
func applyConfigGenerator(generator *kubepolicy.Generation, namespace string, configKind string) error {
	if generator == nil {
		return nil
	}

	err := generator.Validate()
	if err != nil {
		return fmt.Errorf("Generator for '%s' is invalid: %s", configKind, err)
	}

	// TODO:
	switch configKind {
	case "ConfigMap":
		// err = p.kubeClient.GenerateConfigMap(*generator, namespace)
	case "Secret":
		// err = p.kubeClient.GenerateSecret(*generator, namespace)
	default:
		err = fmt.Errorf("Unsupported config Kind '%s'", configKind)
	}

	if err != nil {
		return fmt.Errorf("Unable to apply generator for %s '%s/%s' : %s", configKind, namespace, generator.Name, err)
	}

	return nil
}
Resolve PR 27 2019-05-14 01:17:28 +00:00			`package engine`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 18:27:47 +00:00
			`import (`
			`"fmt"`

			`kubepolicy "github.com/nirmata/kube-policy/pkg/apis/policy/v1alpha1"`
Resolve PR 27 2019-05-14 01:17:28 +00:00			`"github.com/nirmata/kube-policy/pkg/engine/mutation"`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 18:27:47 +00:00			`)`

			`// TODO: To be reworked due to spec policy-v2`

			`// Applies "configMapGenerator" and "secretGenerator" described in PolicyRule`
initial commit, remove kubeclient from policy engine 2019-05-14 18:24:40 +00:00			`func applyRuleGenerators(rawResource []byte, rule kubepolicy.Rule) error {`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 18:27:47 +00:00			`kind := mutation.ParseKindFromObject(rawResource)`

			`// configMapGenerator and secretGenerator can be applied only to namespaces`
			`if kind == "Namespace" {`
			`namespaceName := mutation.ParseNameFromObject(rawResource)`

initial commit, remove kubeclient from policy engine 2019-05-14 18:24:40 +00:00			`err := applyConfigGenerator(rule.Generation, namespaceName, "ConfigMap")`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 18:27:47 +00:00			`if err == nil {`
initial commit, remove kubeclient from policy engine 2019-05-14 18:24:40 +00:00			`err = applyConfigGenerator(rule.Generation, namespaceName, "Secret")`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 18:27:47 +00:00			`}`
			`return err`
			`}`
			`return nil`
			`}`

			`// Creates resourceKind (ConfigMap or Secret) with parameters specified in generator in cluster specified in request.`
initial commit, remove kubeclient from policy engine 2019-05-14 18:24:40 +00:00			`func applyConfigGenerator(generator *kubepolicy.Generation, namespace string, configKind string) error {`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 18:27:47 +00:00			`if generator == nil {`
			`return nil`
			`}`

			`err := generator.Validate()`
			`if err != nil {`
			`return fmt.Errorf("Generator for '%s' is invalid: %s", configKind, err)`
			`}`

initial commit, remove kubeclient from policy engine 2019-05-14 18:24:40 +00:00			`// TODO:`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 18:27:47 +00:00			`switch configKind {`
			`case "ConfigMap":`
initial commit, remove kubeclient from policy engine 2019-05-14 18:24:40 +00:00			`// err = p.kubeClient.GenerateConfigMap(*generator, namespace)`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 18:27:47 +00:00			`case "Secret":`
initial commit, remove kubeclient from policy engine 2019-05-14 18:24:40 +00:00			`// err = p.kubeClient.GenerateSecret(*generator, namespace)`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 18:27:47 +00:00			`default:`
			`err = fmt.Errorf("Unsupported config Kind '%s'", configKind)`
			`}`

			`if err != nil {`
			`return fmt.Errorf("Unable to apply generator for %s '%s/%s' : %s", configKind, namespace, generator.Name, err)`
			`}`

			`return nil`
			`}`