2021-05-04 19:11:13 +00:00
|
|
|
package metrics
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"fmt"
|
2021-06-14 20:42:57 +00:00
|
|
|
|
2022-05-17 11:12:43 +00:00
|
|
|
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
2023-01-30 11:41:09 +00:00
|
|
|
engineapi "github.com/kyverno/kyverno/pkg/engine/api"
|
2023-03-24 10:01:49 +00:00
|
|
|
datautils "github.com/kyverno/kyverno/pkg/utils/data"
|
2021-05-04 19:11:13 +00:00
|
|
|
)
|
|
|
|
|
|
2022-05-17 11:12:43 +00:00
|
|
|
func ParsePolicyValidationMode(validationFailureAction kyvernov1.ValidationFailureAction) (PolicyValidationMode, error) {
|
2022-11-01 09:56:52 +00:00
|
|
|
if validationFailureAction.Enforce() {
|
2021-05-04 19:11:13 +00:00
|
|
|
return Enforce, nil
|
|
|
|
|
}
|
2022-11-01 09:56:52 +00:00
|
|
|
return Audit, nil
|
2021-05-04 19:11:13 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-17 11:12:43 +00:00
|
|
|
func ParsePolicyBackgroundMode(policy kyvernov1.PolicyInterface) PolicyBackgroundMode {
|
2022-04-04 20:16:45 +00:00
|
|
|
if policy.BackgroundProcessingEnabled() {
|
2021-05-04 19:11:13 +00:00
|
|
|
return BackgroundTrue
|
|
|
|
|
}
|
|
|
|
|
return BackgroundFalse
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-17 11:12:43 +00:00
|
|
|
func ParseRuleType(rule kyvernov1.Rule) RuleType {
|
2023-03-24 10:01:49 +00:00
|
|
|
if !datautils.DeepEqual(rule.Validation, kyvernov1.Validation{}) {
|
2021-05-04 19:11:13 +00:00
|
|
|
return Validate
|
|
|
|
|
}
|
2023-03-24 10:01:49 +00:00
|
|
|
if !datautils.DeepEqual(rule.Mutation, kyvernov1.Mutation{}) {
|
2021-05-04 19:11:13 +00:00
|
|
|
return Mutate
|
|
|
|
|
}
|
2023-03-24 10:01:49 +00:00
|
|
|
if !datautils.DeepEqual(rule.Generation, kyvernov1.Generation{}) {
|
2021-05-04 19:11:13 +00:00
|
|
|
return Generate
|
|
|
|
|
}
|
2022-12-20 14:43:21 +00:00
|
|
|
if len(rule.VerifyImages) > 0 {
|
|
|
|
|
return ImageVerify
|
|
|
|
|
}
|
2021-05-04 19:11:13 +00:00
|
|
|
return EmptyRuleType
|
|
|
|
|
}
|
2022-04-06 12:41:08 +00:00
|
|
|
|
|
|
|
|
func ParseResourceRequestOperation(requestOperationStr string) (ResourceRequestOperation, error) {
|
|
|
|
|
switch requestOperationStr {
|
|
|
|
|
case "CREATE":
|
|
|
|
|
return ResourceCreated, nil
|
|
|
|
|
case "UPDATE":
|
|
|
|
|
return ResourceUpdated, nil
|
|
|
|
|
case "DELETE":
|
|
|
|
|
return ResourceDeleted, nil
|
|
|
|
|
case "CONNECT":
|
|
|
|
|
return ResourceConnected, nil
|
|
|
|
|
default:
|
|
|
|
|
return "", fmt.Errorf("unknown request operation made by resource: %s. Allowed requests: 'CREATE', 'UPDATE', 'DELETE', 'CONNECT'", requestOperationStr)
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-04-06 18:14:13 +00:00
|
|
|
|
2023-01-30 11:41:09 +00:00
|
|
|
func ParseRuleTypeFromEngineRuleResponse(rule engineapi.RuleResponse) RuleType {
|
2022-04-06 18:14:13 +00:00
|
|
|
switch rule.Type {
|
|
|
|
|
case "Validation":
|
|
|
|
|
return Validate
|
|
|
|
|
case "Mutation":
|
|
|
|
|
return Mutate
|
|
|
|
|
case "Generation":
|
|
|
|
|
return Generate
|
2022-12-20 14:43:21 +00:00
|
|
|
case "ImageVerify":
|
|
|
|
|
return ImageVerify
|
2022-04-06 18:14:13 +00:00
|
|
|
default:
|
|
|
|
|
return EmptyRuleType
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-17 11:12:43 +00:00
|
|
|
func GetPolicyInfos(policy kyvernov1.PolicyInterface) (string, string, PolicyType, PolicyBackgroundMode, PolicyValidationMode, error) {
|
2022-04-06 18:14:13 +00:00
|
|
|
name := policy.GetName()
|
|
|
|
|
namespace := ""
|
|
|
|
|
policyType := Cluster
|
|
|
|
|
if policy.IsNamespaced() {
|
|
|
|
|
namespace = policy.GetNamespace()
|
|
|
|
|
policyType = Namespaced
|
|
|
|
|
}
|
|
|
|
|
backgroundMode := ParsePolicyBackgroundMode(policy)
|
2022-11-01 09:56:52 +00:00
|
|
|
validationMode, err := ParsePolicyValidationMode(policy.GetSpec().ValidationFailureAction)
|
2022-04-06 18:14:13 +00:00
|
|
|
return name, namespace, policyType, backgroundMode, validationMode, err
|
|
|
|
|
}
|
