kyverno/pkg/utils/engine/response.go

package engine

import (
	kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
	"github.com/kyverno/kyverno/pkg/engine/response"
)

// IsResponseSuccessful return true if all responses are successful
func IsResponseSuccessful(engineReponses []*response.EngineResponse) bool {
	for _, er := range engineReponses {
		if !er.IsSuccessful() {
			return false
		}
	}
	return true
}

// BlockRequest returns true when:
// 1. a policy fails (i.e. creates a violation) and validationFailureAction is set to 'enforce'
// 2. a policy has a processing error and failurePolicy is set to 'Fail`
func BlockRequest(er *response.EngineResponse, failurePolicy kyvernov1.FailurePolicyType) bool {
	if er.IsFailed() && er.GetValidationFailureAction().Enforce() {
		return true
	}
	if er.IsError() && failurePolicy == kyvernov1.Fail {
		return true
	}
	return false
}
refactor: add engine utils sub package (#3552) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-04-05 14:30:00 +02:00			`package engine`

			`import (`
chore: make kyverno api import aliases consistent (#3939) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-05-17 13:12:43 +02:00			`kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"`
refactor: add engine utils sub package (#3552) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-04-05 14:30:00 +02:00			`"github.com/kyverno/kyverno/pkg/engine/response"`
			`)`

			`// IsResponseSuccessful return true if all responses are successful`
			`func IsResponseSuccessful(engineReponses []*response.EngineResponse) bool {`
			`for _, er := range engineReponses {`
			`if !er.IsSuccessful() {`
			`return false`
			`}`
			`}`
			`return true`
			`}`

use failurePolicy to block or allow requests, on policy errors (#4183) * use failurePolicy to block or allow requests, on policy errors Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add warnings Signed-off-by: Jim Bugwadia <jim@nirmata.com> * codegen Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add unit tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * handle network errors Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix title conversion Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix path in generated file Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix fake metrics Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add check for klog flag initialization Signed-off-by: Jim Bugwadia <jim@nirmata.com> * check for flag reinitialization Signed-off-by: Jim Bugwadia <jim@nirmata.com> * check for flag reinitialization Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix spelling Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix flag init Signed-off-by: Jim Bugwadia <jim@nirmata.com> 2022-08-02 07:54:02 -07:00			`// BlockRequest returns true when:`
			`// 1. a policy fails (i.e. creates a violation) and validationFailureAction is set to 'enforce'`
			// 2. a policy has a processing error and failurePolicy is set to 'Fail`
			`func BlockRequest(er *response.EngineResponse, failurePolicy kyvernov1.FailurePolicyType) bool {`
refactor: support Audit and Enforce validation failure actions (#5152) * feat: remove policy mutation code Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * refactor: support Audit and Enforce failure actions Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * typo Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * update changelog Signed-off-by: ShutingZhao <shuting@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: ShutingZhao <shuting@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Vyankatesh Kudtarkar <vyankateshkd@gmail.com> 2022-11-01 09:56:52 +00:00			`if er.IsFailed() && er.GetValidationFailureAction().Enforce() {`
use failurePolicy to block or allow requests, on policy errors (#4183) * use failurePolicy to block or allow requests, on policy errors Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add warnings Signed-off-by: Jim Bugwadia <jim@nirmata.com> * codegen Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add unit tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * handle network errors Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix title conversion Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix path in generated file Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix test Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix fake metrics Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com> * add check for klog flag initialization Signed-off-by: Jim Bugwadia <jim@nirmata.com> * check for flag reinitialization Signed-off-by: Jim Bugwadia <jim@nirmata.com> * check for flag reinitialization Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix spelling Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix flag init Signed-off-by: Jim Bugwadia <jim@nirmata.com> 2022-08-02 07:54:02 -07:00			`return true`
			`}`
			`if er.IsError() && failurePolicy == kyvernov1.Fail {`
			`return true`
			`}`
			`return false`
refactor: add engine utils sub package (#3552) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-04-05 14:30:00 +02:00			`}`