kyverno/pkg/policy/report.go

package policy

import (
	"fmt"

	"github.com/golang/glog"
	"github.com/nirmata/kyverno/pkg/engine"
	"github.com/nirmata/kyverno/pkg/event"
	"github.com/nirmata/kyverno/pkg/policyviolation"
)

func (pc *PolicyController) report(engineResponses []engine.EngineResponseNew) {
	// generate events
	// generate policy violations
	for _, policyInfo := range engineResponses {
		// events
		// success - policy applied on resource
		// failure - policy/rule failed to apply on the resource
		reportEvents(policyInfo, pc.eventGen)
		// policy violations
		// failure - policy/rule failed to apply on the resource
	}

	// generate policy violation
	policyviolation.CreatePV(pc.pvLister, pc.kyvernoClient, engineResponses)
}

//reportEvents generates events for the failed resources
func reportEvents(engineResponse engine.EngineResponseNew, eventGen event.Interface) {
	if engineResponse.IsSuccesful() {
		return
	}
	glog.V(4).Infof("reporting results for policy %s application on resource %s/%s/%s", engineResponse.PolicyResponse.Policy, engineResponse.PolicyResponse.Resource.Kind, engineResponse.PolicyResponse.Resource.Namespace, engineResponse.PolicyResponse.Resource.Name)
	for _, rule := range engineResponse.PolicyResponse.Rules {
		if rule.Success {
			return
		}

		// generate event on resource for each failed rule
		glog.V(4).Infof("generation event on resource %s/%s/%s for policy %s", engineResponse.PolicyResponse.Resource.Kind, engineResponse.PolicyResponse.Resource.Namespace, engineResponse.PolicyResponse.Resource.Name, engineResponse.PolicyResponse.Policy)
		e := event.Info{}
		e.Kind = engineResponse.PolicyResponse.Resource.Kind
		e.Namespace = engineResponse.PolicyResponse.Resource.Namespace
		e.Name = engineResponse.PolicyResponse.Policy
		e.Reason = "Failure"
		e.Message = fmt.Sprintf("policy %s (%s) rule %s failed to apply. %v", engineResponse.PolicyResponse.Policy, rule.Type, rule.Name, rule.Message)
		eventGen.Add(e)

	}
	// generate a event on policy for all failed rules
	glog.V(4).Infof("generation event on policy %s", engineResponse.PolicyResponse.Policy)
	e := event.Info{}
	e.Kind = "Policy"
	e.Namespace = ""
	e.Name = engineResponse.PolicyResponse.Policy
	e.Reason = "Failure"
	e.Message = fmt.Sprintf("failed to apply rules %v on resource %s/%s/%s", engineResponse.GetFailedRules(), engineResponse.PolicyResponse.Resource.Kind, engineResponse.PolicyResponse.Resource.Namespace, engineResponse.PolicyResponse.Resource.Name)
	eventGen.Add(e)

}
existing resource reporting 2019-08-13 13:15:04 -07:00			`package policy`

			`import (`
			`"fmt"`

clean up 2019-08-14 10:01:47 -07:00			`"github.com/golang/glog"`
replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00			`"github.com/nirmata/kyverno/pkg/engine"`
existing resource reporting 2019-08-13 13:15:04 -07:00			`"github.com/nirmata/kyverno/pkg/event"`
			`"github.com/nirmata/kyverno/pkg/policyviolation"`
			`)`

replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00			`func (pc *PolicyController) report(engineResponses []engine.EngineResponseNew) {`
existing resource reporting 2019-08-13 13:15:04 -07:00			`// generate events`
			`// generate policy violations`
replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00			`for _, policyInfo := range engineResponses {`
existing resource reporting 2019-08-13 13:15:04 -07:00			`// events`
			`// success - policy applied on resource`
			`// failure - policy/rule failed to apply on the resource`
clean up 2019-08-14 10:01:47 -07:00			`reportEvents(policyInfo, pc.eventGen)`
existing resource reporting 2019-08-13 13:15:04 -07:00			`// policy violations`
			`// failure - policy/rule failed to apply on the resource`
			`}`

			`// generate policy violation`
replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00			`policyviolation.CreatePV(pc.pvLister, pc.kyvernoClient, engineResponses)`
existing resource reporting 2019-08-13 13:15:04 -07:00			`}`

clean up 2019-08-14 10:01:47 -07:00			`//reportEvents generates events for the failed resources`
replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00			`func reportEvents(engineResponse engine.EngineResponseNew, eventGen event.Interface) {`
			`if engineResponse.IsSuccesful() {`
existing resource reporting 2019-08-13 13:15:04 -07:00			`return`
			`}`
replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00			`glog.V(4).Infof("reporting results for policy %s application on resource %s/%s/%s", engineResponse.PolicyResponse.Policy, engineResponse.PolicyResponse.Resource.Kind, engineResponse.PolicyResponse.Resource.Namespace, engineResponse.PolicyResponse.Resource.Name)`
			`for _, rule := range engineResponse.PolicyResponse.Rules {`
			`if rule.Success {`
			`return`
existing resource reporting 2019-08-13 13:15:04 -07:00			`}`

			`// generate event on resource for each failed rule`
replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00			`glog.V(4).Infof("generation event on resource %s/%s/%s for policy %s", engineResponse.PolicyResponse.Resource.Kind, engineResponse.PolicyResponse.Resource.Namespace, engineResponse.PolicyResponse.Resource.Name, engineResponse.PolicyResponse.Policy)`
			`e := event.Info{}`
			`e.Kind = engineResponse.PolicyResponse.Resource.Kind`
			`e.Namespace = engineResponse.PolicyResponse.Resource.Namespace`
			`e.Name = engineResponse.PolicyResponse.Policy`
existing resource reporting 2019-08-13 13:15:04 -07:00			`e.Reason = "Failure"`
replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00			`e.Message = fmt.Sprintf("policy %s (%s) rule %s failed to apply. %v", engineResponse.PolicyResponse.Policy, rule.Type, rule.Name, rule.Message)`
existing resource reporting 2019-08-13 13:15:04 -07:00			`eventGen.Add(e)`

			`}`
			`// generate a event on policy for all failed rules`
replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00			`glog.V(4).Infof("generation event on policy %s", engineResponse.PolicyResponse.Policy)`
			`e := event.Info{}`
existing resource reporting 2019-08-13 13:15:04 -07:00			`e.Kind = "Policy"`
			`e.Namespace = ""`
replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00			`e.Name = engineResponse.PolicyResponse.Policy`
existing resource reporting 2019-08-13 13:15:04 -07:00			`e.Reason = "Failure"`
replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00			`e.Message = fmt.Sprintf("failed to apply rules %v on resource %s/%s/%s", engineResponse.GetFailedRules(), engineResponse.PolicyResponse.Resource.Kind, engineResponse.PolicyResponse.Resource.Namespace, engineResponse.PolicyResponse.Resource.Name)`
existing resource reporting 2019-08-13 13:15:04 -07:00			`eventGen.Add(e)`
replace policyInfo with engineResponse 2019-08-26 13:34:42 -07:00
existing resource reporting 2019-08-13 13:15:04 -07:00			`}`