kyverno/pkg/engine/mutation.go

package engine

import (
	"github.com/golang/glog"
	kubepolicy "github.com/nirmata/kyverno/pkg/apis/policy/v1alpha1"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)

// Mutate performs mutation. Overlay first and then mutation patches
// TODO: return events and violations
func Mutate(policy kubepolicy.Policy, rawResource []byte, gvk metav1.GroupVersionKind) ([]PatchBytes, []byte) {
	var policyPatches []PatchBytes
	var processedPatches []PatchBytes
	var err error
	patchedDocument := rawResource

	for _, rule := range policy.Spec.Rules {
		if rule.Mutation == nil {
			continue
		}

		ok := ResourceMeetsDescription(rawResource, rule.ResourceDescription, gvk)
		if !ok {
			glog.Infof("Rule \"%s\" is not applicable to resource\n", rule.Name)
			continue
		}

		// Process Overlay

		if rule.Mutation.Overlay != nil {
			overlayPatches, err := ProcessOverlay(policy, rawResource, gvk)
			if err != nil {
				glog.Warningf("Overlay application has failed for rule %s in policy %s, err: %v\n", rule.Name, policy.ObjectMeta.Name, err)
			} else {
				policyPatches = append(policyPatches, overlayPatches...)
			}
		}

		// Process Patches

		if rule.Mutation.Patches != nil {
			processedPatches, patchedDocument, err = ProcessPatches(rule.Mutation.Patches, patchedDocument)
			if err != nil {
				glog.Warningf("Patches application has failed for rule %s in policy %s, err: %v\n", rule.Name, policy.ObjectMeta.Name, err)
			} else {
				policyPatches = append(policyPatches, processedPatches...)
			}
		}
	}

	return policyPatches, patchedDocument
}
Resolve PR 27 2019-05-13 18:17:28 -07:00			`package engine`
Add PolicyEngine 2019-05-09 22:26:22 -07:00
			`import (`
introduce glog, remove log.logger references 2019-05-30 12:28:56 -07:00			`"github.com/golang/glog"`
Updated mutation base due to spec 2019-05-22 18:28:38 +01:00			`kubepolicy "github.com/nirmata/kyverno/pkg/apis/policy/v1alpha1"`
Fixed issue with absent kind in resource raw data in PolicyEngine 2019-05-14 19:40:17 +03:00			`metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"`
Add PolicyEngine 2019-05-09 22:26:22 -07:00			`)`

Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 21:27:47 +03:00			`// Mutate performs mutation. Overlay first and then mutation patches`
Implement Generate() 2019-05-14 18:20:41 -07:00			`// TODO: return events and violations`
Implemented base for Mutation Overlay 2019-05-21 18:27:56 +03:00			`func Mutate(policy kubepolicy.Policy, rawResource []byte, gvk metav1.GroupVersionKind) ([]PatchBytes, []byte) {`
			`var policyPatches []PatchBytes`
			`var processedPatches []PatchBytes`
- handle operation remove case: if path does not exist - remove duplicate log - support validate in CLI 2019-05-20 15:14:01 -07:00			`var err error`
Support Mutate from command line 2019-05-20 13:02:55 -07:00			`patchedDocument := rawResource`
Add PolicyEngine 2019-05-09 22:26:22 -07:00
Fixed issue with validation error messages 2019-05-20 14:48:38 +03:00			`for _, rule := range policy.Spec.Rules {`
			`if rule.Mutation == nil {`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 21:27:47 +03:00			`continue`
Add PolicyEngine 2019-05-09 22:26:22 -07:00			`}`

Fixed issue with validation error messages 2019-05-20 14:48:38 +03:00			`ok := ResourceMeetsDescription(rawResource, rule.ResourceDescription, gvk)`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 21:27:47 +03:00			`if !ok {`
introduce glog, remove log.logger references 2019-05-30 12:28:56 -07:00			`glog.Infof("Rule \"%s\" is not applicable to resource\n", rule.Name)`
Implemented Validation Pattern base. Updated Webhooks registration logic. Updated project for using TLS package 2019-05-14 18:10:25 +03:00			`continue`
			`}`

Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 21:27:47 +03:00			`// Process Overlay`
Add PolicyEngine 2019-05-09 22:26:22 -07:00
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 21:27:47 +03:00			`if rule.Mutation.Overlay != nil {`
Added Overlay logic to mutation handling 2019-05-22 22:54:38 +01:00			`overlayPatches, err := ProcessOverlay(policy, rawResource, gvk)`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 21:27:47 +03:00			`if err != nil {`
introduce glog, remove log.logger references 2019-05-30 12:28:56 -07:00			`glog.Warningf("Overlay application has failed for rule %s in policy %s, err: %v\n", rule.Name, policy.ObjectMeta.Name, err)`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 21:27:47 +03:00			`} else {`
Added Overlay logic to mutation handling 2019-05-22 22:54:38 +01:00			`policyPatches = append(policyPatches, overlayPatches...)`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 21:27:47 +03:00			`}`
Add PolicyEngine 2019-05-09 22:26:22 -07:00			`}`

Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 21:27:47 +03:00			`// Process Patches`
Add PolicyEngine 2019-05-09 22:26:22 -07:00
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 21:27:47 +03:00			`if rule.Mutation.Patches != nil {`
Implemented base for Mutation Overlay 2019-05-21 18:27:56 +03:00			`processedPatches, patchedDocument, err = ProcessPatches(rule.Mutation.Patches, patchedDocument)`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 21:27:47 +03:00			`if err != nil {`
introduce glog, remove log.logger references 2019-05-30 12:28:56 -07:00			`glog.Warningf("Patches application has failed for rule %s in policy %s, err: %v\n", rule.Name, policy.ObjectMeta.Name, err)`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 21:27:47 +03:00			`} else {`
			`policyPatches = append(policyPatches, processedPatches...)`
			`}`
			`}`
Add PolicyEngine 2019-05-09 22:26:22 -07:00			`}`

Support Mutate from command line 2019-05-20 13:02:55 -07:00			`return policyPatches, patchedDocument`
Add PolicyEngine 2019-05-09 22:26:22 -07:00			`}`