kyverno/pkg/engine/mutation/checkRules.go

package mutation

import (
	"github.com/minio/minio/pkg/wildcard"
	types "github.com/nirmata/kube-policy/pkg/apis/policy/v1alpha1"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)

// kind is the type of object being manipulated
// Checks requests kind, name and labels to fit the policy
func IsRuleApplicableToResource(resourceRaw []byte, description types.ResourceDescription) (bool, error) {
	kind := ParseKindFromObject(resourceRaw)
	if description.Kind != kind {
		return false, nil
	}

	if resourceRaw != nil {
		meta := ParseMetadataFromObject(resourceRaw)
		name := ParseNameFromObject(resourceRaw)

		if description.Name != nil {

			if !wildcard.Match(*description.Name, name) {
				return false, nil
			}
		}

		if description.Selector != nil {
			selector, err := metav1.LabelSelectorAsSelector(description.Selector)

			if err != nil {
				return false, err
			}

			labelMap := ParseLabelsFromMetadata(meta)

			if !selector.Matches(labelMap) {
				return false, nil
			}

		}
	}
	return true, nil
}
move patch logic to pkg/mutation 2019-05-08 10:01:41 -07:00			`package mutation`
move webhooks/patches.go webhooks/utils.go to pkg/policymanager/ 2019-05-07 16:50:39 -07:00
			`import (`
			`"github.com/minio/minio/pkg/wildcard"`
			`types "github.com/nirmata/kube-policy/pkg/apis/policy/v1alpha1"`
			`metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"`
			`)`

			`// kind is the type of object being manipulated`
			`// Checks requests kind, name and labels to fit the policy`
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 21:27:47 +03:00			`func IsRuleApplicableToResource(resourceRaw []byte, description types.ResourceDescription) (bool, error) {`
			`kind := ParseKindFromObject(resourceRaw)`
			`if description.Kind != kind {`
			`return false, nil`
			`}`
move webhooks/patches.go webhooks/utils.go to pkg/policymanager/ 2019-05-07 16:50:39 -07:00
			`if resourceRaw != nil {`
			`meta := ParseMetadataFromObject(resourceRaw)`
			`name := ParseNameFromObject(resourceRaw)`

Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 21:27:47 +03:00			`if description.Name != nil {`
move webhooks/patches.go webhooks/utils.go to pkg/policymanager/ 2019-05-07 16:50:39 -07:00
Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 21:27:47 +03:00			`if !wildcard.Match(*description.Name, name) {`
move webhooks/patches.go webhooks/utils.go to pkg/policymanager/ 2019-05-07 16:50:39 -07:00			`return false, nil`
			`}`
			`}`

Updated code in the project to be compilable with new version of Policy. Moved logic from webhooks/mutation.go to policyengine/mutation.go and server.go 2019-05-13 21:27:47 +03:00			`if description.Selector != nil {`
			`selector, err := metav1.LabelSelectorAsSelector(description.Selector)`
move webhooks/patches.go webhooks/utils.go to pkg/policymanager/ 2019-05-07 16:50:39 -07:00
			`if err != nil {`
			`return false, err`
			`}`

			`labelMap := ParseLabelsFromMetadata(meta)`

			`if !selector.Matches(labelMap) {`
			`return false, nil`
			`}`

			`}`
			`}`
			`return true, nil`
			`}`