kyverno/pkg/webhooks/utils/event.go

package utils

import (
	engineapi "github.com/kyverno/kyverno/pkg/engine/api"
	"github.com/kyverno/kyverno/pkg/event"
)

// GenerateEvents generates event info for the engine responses
func GenerateEvents(engineResponses []engineapi.EngineResponse, blocked bool) []event.Info {
	var events []event.Info
	//   - Some/All policies fail or error
	//     - report failure events on policy
	//     - report failure events on resource
	//   - Some/All policies succeeded
	//     - report success event on resource
	//   - Some/All policies skipped
	//     - report skipped event on resource
	for _, er := range engineResponses {
		if er.IsEmpty() {
			continue
		}
		if !er.IsSuccessful() {
			for _, ruleResp := range er.PolicyResponse.Rules {
				if ruleResp.Status() == engineapi.RuleStatusFail || ruleResp.Status() == engineapi.RuleStatusError {
					e := event.NewPolicyFailEvent(event.AdmissionController, event.PolicyViolation, er, ruleResp, blocked)
					events = append(events, e)
				}
				if !blocked {
					e := event.NewResourceViolationEvent(event.AdmissionController, event.PolicyViolation, er, ruleResp)
					events = append(events, e)
				}
			}
		} else if er.IsSkipped() { // Handle PolicyException Event
			for _, ruleResp := range er.PolicyResponse.Rules {
				if ruleResp.Status() == engineapi.RuleStatusSkip && !blocked && ruleResp.IsException() {
					events = append(events, event.NewPolicyExceptionEvents(er, ruleResp, event.AdmissionController)...)
				}
			}
		} else if !er.IsSkipped() {
			e := event.NewPolicyAppliedEvent(event.AdmissionController, er)
			events = append(events, e)
		}
	}
	return events
}
refactor: move webhook events utils in utils package (#4545) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-09-08 18:10:27 +02:00			`package utils`
restructure webhooks pkg 2019-07-15 16:07:56 -07:00
			`import (`
refactor: introduce engine api package (#6154) * refactor: introduce engine api package Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * status Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2023-01-30 12:41:09 +01:00			`engineapi "github.com/kyverno/kyverno/pkg/engine/api"`
update nirmata/kyverno to kyverno/kyverno 2020-10-07 11:12:31 -07:00			`"github.com/kyverno/kyverno/pkg/event"`
restructure webhooks pkg 2019-07-15 16:07:56 -07:00			`)`

refactor: make webhook metrics helpers static (#4554) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-09-09 06:11:16 +02:00			`// GenerateEvents generates event info for the engine responses`
refactor: remove more pointers from engine api (#6651) * refactor: remove more pointers from engine api Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * debug Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2023-03-23 13:58:52 +01:00			`func GenerateEvents(engineResponses []engineapi.EngineResponse, blocked bool) []event.Info {`
replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00			`var events []event.Info`
cleanup event messages and sources (#3741) * cleanup events Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix sonatype issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-05-01 22:14:32 -07:00			`// - Some/All policies fail or error`
			`// - report failure events on policy`
			`// - report failure events on resource`
Configurable success events on policies & resources. Generating failure events on policies by default. (#1939) * Remove unused event.Reason const Signed-off-by: Velkov <valentin.velkov@sap.com> * Generate failure events on policies Signed-off-by: Velkov <valentin.velkov@sap.com> * Generate success events on policy Signed-off-by: Velkov <valentin.velkov@sap.com> * Introduce 'generateSuccessEvents' flag Signed-off-by: Velkov <valentin.velkov@sap.com> * Unit tests & chart fix Signed-off-by: Velkov <valentin.velkov@sap.com> 2021-06-30 00:43:11 +03:00			`// - Some/All policies succeeded`
			`// - report success event on resource`
feature: added new type of event, PolicySkipped (#4251) * feature: added new type of event, PolicySkipped Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com> * fix html docs Signed-off-by: viveksahu26 <vivekkumarsahu650@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-07-28 11:31:50 +05:30			`// - Some/All policies skipped`
			`// - report skipped event on resource`
refactor events 2020-02-19 19:24:34 -08:00			`for _, er := range engineResponses {`
skip generating events on empty rule response (#5158) Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> 2022-10-27 16:34:55 +08:00			`if er.IsEmpty() {`
			`continue`
			`}`
Configurable success events on policies & resources. Generating failure events on policies by default. (#1939) * Remove unused event.Reason const Signed-off-by: Velkov <valentin.velkov@sap.com> * Generate failure events on policies Signed-off-by: Velkov <valentin.velkov@sap.com> * Generate success events on policy Signed-off-by: Velkov <valentin.velkov@sap.com> * Introduce 'generateSuccessEvents' flag Signed-off-by: Velkov <valentin.velkov@sap.com> * Unit tests & chart fix Signed-off-by: Velkov <valentin.velkov@sap.com> 2021-06-30 00:43:11 +03:00			`if !er.IsSuccessful() {`
refactor: simplify engine responses (#6804) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2023-04-06 00:55:42 +02:00			`for _, ruleResp := range er.PolicyResponse.Rules {`
refactor: engine rule response creation (#6784) * refactor: engine rule response creation Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * private fields Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix unit tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2023-04-05 12:35:38 +02:00			`if ruleResp.Status() == engineapi.RuleStatusFail \|\| ruleResp.Status() == engineapi.RuleStatusError {`
refactor: simplify engine responses (#6804) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2023-04-06 00:55:42 +02:00			`e := event.NewPolicyFailEvent(event.AdmissionController, event.PolicyViolation, er, ruleResp, blocked)`
release event memory (#4138) Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> 2022-06-22 09:37:46 -07:00			`events = append(events, e)`
cleanup event messages and sources (#3741) * cleanup events Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix sonatype issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-05-01 22:14:32 -07:00			`}`
			`if !blocked {`
refactor: simplify engine responses (#6804) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2023-04-06 00:55:42 +02:00			`e := event.NewResourceViolationEvent(event.AdmissionController, event.PolicyViolation, er, ruleResp)`
release event memory (#4138) Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> 2022-06-22 09:37:46 -07:00			`events = append(events, e)`
cleanup event messages and sources (#3741) * cleanup events Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix sonatype issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-05-01 22:14:32 -07:00			`}`
- Create events for imageVerify rules (#3710) - Skip generating events on blocked resource Signed-off-by: ShutingZhao <shuting@nirmata.com> 2022-04-28 17:51:06 +08:00			`}`
feat: generate k8s event for exception (#5770) Signed-off-by: Eileen Yu <eileenylj@gmail.com> Signed-off-by: Eileen Yu <eileenylj@gmail.com> 2022-12-22 18:34:09 -05:00			`} else if er.IsSkipped() { // Handle PolicyException Event`
refactor: simplify engine responses (#6804) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2023-04-06 00:55:42 +02:00			`for _, ruleResp := range er.PolicyResponse.Rules {`
refactor: engine rule response creation (#6784) * refactor: engine rule response creation Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * private fields Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * more private Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix unit tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2023-04-05 12:35:38 +02:00			`if ruleResp.Status() == engineapi.RuleStatusSkip && !blocked && ruleResp.IsException() {`
refactor: simplify engine responses (#6804) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2023-04-06 00:55:42 +02:00			`events = append(events, event.NewPolicyExceptionEvents(er, ruleResp, event.AdmissionController)...)`
feat: generate k8s event for exception (#5770) Signed-off-by: Eileen Yu <eileenylj@gmail.com> Signed-off-by: Eileen Yu <eileenylj@gmail.com> 2022-12-22 18:34:09 -05:00			`}`
			`}`
[Cleanup] Disable PolicySkipped events (#4913) * remove skip events Signed-off-by: Anant Vijay <anantvijay3@gmail.com> * update conditions Signed-off-by: Anant Vijay <anantvijay3@gmail.com> * improve conditions Signed-off-by: Anant Vijay <anantvijay3@gmail.com> * remove redundant function Signed-off-by: Anant Vijay <anantvijay3@gmail.com> Signed-off-by: Anant Vijay <anantvijay3@gmail.com> Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-10-13 14:02:20 +05:30			`} else if !er.IsSkipped() {`
			`e := event.NewPolicyAppliedEvent(event.AdmissionController, er)`
			`events = append(events, e)`
Configurable success events on policies & resources. Generating failure events on policies by default. (#1939) * Remove unused event.Reason const Signed-off-by: Velkov <valentin.velkov@sap.com> * Generate failure events on policies Signed-off-by: Velkov <valentin.velkov@sap.com> * Generate success events on policy Signed-off-by: Velkov <valentin.velkov@sap.com> * Introduce 'generateSuccessEvents' flag Signed-off-by: Velkov <valentin.velkov@sap.com> * Unit tests & chart fix Signed-off-by: Velkov <valentin.velkov@sap.com> 2021-06-30 00:43:11 +03:00			`}`
			`}`
replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00			`return events`
annotation generation from policy controller 2019-07-17 17:53:13 -07:00			`}`