rename GenerateExistingOnPolicyUpdate to GenerateExisting (#6321)

Signed-off-by: ShutingZhao <shuting@nirmata.com>

api/kyverno/v1/spec_types.go

@@ -101,11 +101,11 @@ type Spec struct {
 	// +optional
 	MutateExistingOnPolicyUpdate bool `json:"mutateExistingOnPolicyUpdate,omitempty" yaml:"mutateExistingOnPolicyUpdate,omitempty"`
 
-	// GenerateExistingOnPolicyUpdate controls whether to trigger generate rule in existing resources
+	// GenerateExisting controls whether to trigger generate rule in existing resources
 	// If is set to "true" generate rule will be triggered and applied to existing matched resources.
 	// Defaults to "false" if not specified.
 	// +optional
-	GenerateExistingOnPolicyUpdate bool `json:"generateExistingOnPolicyUpdate,omitempty" yaml:"generateExistingOnPolicyUpdate,omitempty"`
+	GenerateExisting bool `json:"generateExisting,omitempty" yaml:"generateExisting,omitempty"`
 }
 
 func (s *Spec) SetRules(rules []Rule) {
@@ -212,9 +212,9 @@ func (s *Spec) GetMutateExistingOnPolicyUpdate() bool {
 	return s.MutateExistingOnPolicyUpdate
 }
 
-// IsGenerateExistingOnPolicyUpdate return GenerateExistingOnPolicyUpdate set value
+// IsGenerateExisting return GenerateExisting set value
-func (s *Spec) IsGenerateExistingOnPolicyUpdate() bool {
+func (s *Spec) IsGenerateExisting() bool {
-	return s.GenerateExistingOnPolicyUpdate
+	return s.GenerateExisting
 }
 
 // GetFailurePolicy returns the failure policy to be applied

api/kyverno/v2beta1/spec_types.go

@@ -63,11 +63,11 @@ type Spec struct {
 	// +optional
 	MutateExistingOnPolicyUpdate bool `json:"mutateExistingOnPolicyUpdate,omitempty" yaml:"mutateExistingOnPolicyUpdate,omitempty"`
 
-	// GenerateExistingOnPolicyUpdate controls whether to trigger generate rule in existing resources
+	// GenerateExisting controls whether to trigger generate rule in existing resources
 	// If is set to "true" generate rule will be triggered and applied to existing matched resources.
 	// Defaults to "false" if not specified.
 	// +optional
-	GenerateExistingOnPolicyUpdate bool `json:"generateExistingOnPolicyUpdate,omitempty" yaml:"generateExistingOnPolicyUpdate,omitempty"`
+	GenerateExisting bool `json:"generateExisting,omitempty" yaml:"generateExisting,omitempty"`
 }
 
 func (s *Spec) SetRules(rules []Rule) {
@@ -174,9 +174,9 @@ func (s *Spec) GetMutateExistingOnPolicyUpdate() bool {
 	return s.MutateExistingOnPolicyUpdate
 }
 
-// IsGenerateExistingOnPolicyUpdate return GenerateExistingOnPolicyUpdate set value
+// IsGenerateExisting return GenerateExisting set value
-func (s *Spec) IsGenerateExistingOnPolicyUpdate() bool {
+func (s *Spec) IsGenerateExisting() bool {
-	return s.GenerateExistingOnPolicyUpdate
+	return s.GenerateExisting
 }
 
 // GetFailurePolicy returns the failure policy to be applied

charts/kyverno/templates/crds/crds.yaml

@@ -3503,11 +3503,11 @@ spec:
                 - Ignore
                 - Fail
                 type: string
-              generateExistingOnPolicyUpdate:
+              generateExisting:
-                description: GenerateExistingOnPolicyUpdate controls whether to trigger
+                description: GenerateExisting controls whether to trigger generate
-                  generate rule in existing resources If is set to "true" generate
+                  rule in existing resources If is set to "true" generate rule will
-                  rule will be triggered and applied to existing matched resources.
+                  be triggered and applied to existing matched resources. Defaults
-                  Defaults to "false" if not specified.
+                  to "false" if not specified.
                 type: boolean
               mutateExistingOnPolicyUpdate:
                 description: MutateExistingOnPolicyUpdate controls if a mutateExisting
@@ -10213,11 +10213,11 @@ spec:
                 - Ignore
                 - Fail
                 type: string
-              generateExistingOnPolicyUpdate:
+              generateExisting:
-                description: GenerateExistingOnPolicyUpdate controls whether to trigger
+                description: GenerateExisting controls whether to trigger generate
-                  generate rule in existing resources If is set to "true" generate
+                  rule in existing resources If is set to "true" generate rule will
-                  rule will be triggered and applied to existing matched resources.
+                  be triggered and applied to existing matched resources. Defaults
-                  Defaults to "false" if not specified.
+                  to "false" if not specified.
                 type: boolean
               mutateExistingOnPolicyUpdate:
                 description: MutateExistingOnPolicyUpdate controls if a mutateExisting
@@ -16682,11 +16682,11 @@ spec:
                 - Ignore
                 - Fail
                 type: string
-              generateExistingOnPolicyUpdate:
+              generateExisting:
-                description: GenerateExistingOnPolicyUpdate controls whether to trigger
+                description: GenerateExisting controls whether to trigger generate
-                  generate rule in existing resources If is set to "true" generate
+                  rule in existing resources If is set to "true" generate rule will
-                  rule will be triggered and applied to existing matched resources.
+                  be triggered and applied to existing matched resources. Defaults
-                  Defaults to "false" if not specified.
+                  to "false" if not specified.
                 type: boolean
               mutateExistingOnPolicyUpdate:
                 description: MutateExistingOnPolicyUpdate controls if a mutateExisting
@@ -23394,11 +23394,11 @@ spec:
                 - Ignore
                 - Fail
                 type: string
-              generateExistingOnPolicyUpdate:
+              generateExisting:
-                description: GenerateExistingOnPolicyUpdate controls whether to trigger
+                description: GenerateExisting controls whether to trigger generate
-                  generate rule in existing resources If is set to "true" generate
+                  rule in existing resources If is set to "true" generate rule will
-                  rule will be triggered and applied to existing matched resources.
+                  be triggered and applied to existing matched resources. Defaults
-                  Defaults to "false" if not specified.
+                  to "false" if not specified.
                 type: boolean
               mutateExistingOnPolicyUpdate:
                 description: MutateExistingOnPolicyUpdate controls if a mutateExisting

config/crds/kyverno.io_clusterpolicies.yaml

@@ -101,11 +101,11 @@ spec:
                 - Ignore
                 - Fail
                 type: string
-              generateExistingOnPolicyUpdate:
+              generateExisting:
-                description: GenerateExistingOnPolicyUpdate controls whether to trigger
+                description: GenerateExisting controls whether to trigger generate
-                  generate rule in existing resources If is set to "true" generate
+                  rule in existing resources If is set to "true" generate rule will
-                  rule will be triggered and applied to existing matched resources.
+                  be triggered and applied to existing matched resources. Defaults
-                  Defaults to "false" if not specified.
+                  to "false" if not specified.
                 type: boolean
               mutateExistingOnPolicyUpdate:
                 description: MutateExistingOnPolicyUpdate controls if a mutateExisting
@@ -6811,11 +6811,11 @@ spec:
                 - Ignore
                 - Fail
                 type: string
-              generateExistingOnPolicyUpdate:
+              generateExisting:
-                description: GenerateExistingOnPolicyUpdate controls whether to trigger
+                description: GenerateExisting controls whether to trigger generate
-                  generate rule in existing resources If is set to "true" generate
+                  rule in existing resources If is set to "true" generate rule will
-                  rule will be triggered and applied to existing matched resources.
+                  be triggered and applied to existing matched resources. Defaults
-                  Defaults to "false" if not specified.
+                  to "false" if not specified.
                 type: boolean
               mutateExistingOnPolicyUpdate:
                 description: MutateExistingOnPolicyUpdate controls if a mutateExisting

config/crds/kyverno.io_policies.yaml

@@ -102,11 +102,11 @@ spec:
                 - Ignore
                 - Fail
                 type: string
-              generateExistingOnPolicyUpdate:
+              generateExisting:
-                description: GenerateExistingOnPolicyUpdate controls whether to trigger
+                description: GenerateExisting controls whether to trigger generate
-                  generate rule in existing resources If is set to "true" generate
+                  rule in existing resources If is set to "true" generate rule will
-                  rule will be triggered and applied to existing matched resources.
+                  be triggered and applied to existing matched resources. Defaults
-                  Defaults to "false" if not specified.
+                  to "false" if not specified.
                 type: boolean
               mutateExistingOnPolicyUpdate:
                 description: MutateExistingOnPolicyUpdate controls if a mutateExisting
@@ -6814,11 +6814,11 @@ spec:
                 - Ignore
                 - Fail
                 type: string
-              generateExistingOnPolicyUpdate:
+              generateExisting:
-                description: GenerateExistingOnPolicyUpdate controls whether to trigger
+                description: GenerateExisting controls whether to trigger generate
-                  generate rule in existing resources If is set to "true" generate
+                  rule in existing resources If is set to "true" generate rule will
-                  rule will be triggered and applied to existing matched resources.
+                  be triggered and applied to existing matched resources. Defaults
-                  Defaults to "false" if not specified.
+                  to "false" if not specified.
                 type: boolean
               mutateExistingOnPolicyUpdate:
                 description: MutateExistingOnPolicyUpdate controls if a mutateExisting

docs/crd/v1/index.html

@@ -222,14 +222,14 @@ Default value is &ldquo;false&rdquo;.</p>
 </tr>
 <tr>
 <td>
-<code>generateExistingOnPolicyUpdate</code></br>
+<code>generateExisting</code></br>
 <em>
 bool
 </em>
 </td>
 <td>
 <em>(Optional)</em>
-<p>GenerateExistingOnPolicyUpdate controls whether to trigger generate rule in existing resources
+<p>GenerateExisting controls whether to trigger generate rule in existing resources
 If is set to &ldquo;true&rdquo; generate rule will be triggered and applied to existing matched resources.
 Defaults to &ldquo;false&rdquo; if not specified.</p>
 </td>
@@ -447,14 +447,14 @@ Default value is &ldquo;false&rdquo;.</p>
 </tr>
 <tr>
 <td>
-<code>generateExistingOnPolicyUpdate</code></br>
+<code>generateExisting</code></br>
 <em>
 bool
 </em>
 </td>
 <td>
 <em>(Optional)</em>
-<p>GenerateExistingOnPolicyUpdate controls whether to trigger generate rule in existing resources
+<p>GenerateExisting controls whether to trigger generate rule in existing resources
 If is set to &ldquo;true&rdquo; generate rule will be triggered and applied to existing matched resources.
 Defaults to &ldquo;false&rdquo; if not specified.</p>
 </td>
@@ -3347,14 +3347,14 @@ Default value is &ldquo;false&rdquo;.</p>
 </tr>
 <tr>
 <td>
-<code>generateExistingOnPolicyUpdate</code></br>
+<code>generateExisting</code></br>
 <em>
 bool
 </em>
 </td>
 <td>
 <em>(Optional)</em>
-<p>GenerateExistingOnPolicyUpdate controls whether to trigger generate rule in existing resources
+<p>GenerateExisting controls whether to trigger generate rule in existing resources
 If is set to &ldquo;true&rdquo; generate rule will be triggered and applied to existing matched resources.
 Defaults to &ldquo;false&rdquo; if not specified.</p>
 </td>

docs/user/crd/index.html

@@ -238,14 +238,14 @@ Default value is &ldquo;false&rdquo;.</p>
 </tr>
 <tr>
 <td>
-<code>generateExistingOnPolicyUpdate</code><br/>
+<code>generateExisting</code><br/>
 <em>
 bool
 </em>
 </td>
 <td>
 <em>(Optional)</em>
-<p>GenerateExistingOnPolicyUpdate controls whether to trigger generate rule in existing resources
+<p>GenerateExisting controls whether to trigger generate rule in existing resources
 If is set to &ldquo;true&rdquo; generate rule will be triggered and applied to existing matched resources.
 Defaults to &ldquo;false&rdquo; if not specified.</p>
 </td>
@@ -464,14 +464,14 @@ Default value is &ldquo;false&rdquo;.</p>
 </tr>
 <tr>
 <td>
-<code>generateExistingOnPolicyUpdate</code><br/>
+<code>generateExisting</code><br/>
 <em>
 bool
 </em>
 </td>
 <td>
 <em>(Optional)</em>
-<p>GenerateExistingOnPolicyUpdate controls whether to trigger generate rule in existing resources
+<p>GenerateExisting controls whether to trigger generate rule in existing resources
 If is set to &ldquo;true&rdquo; generate rule will be triggered and applied to existing matched resources.
 Defaults to &ldquo;false&rdquo; if not specified.</p>
 </td>
@@ -3332,14 +3332,14 @@ Default value is &ldquo;false&rdquo;.</p>
 </tr>
 <tr>
 <td>
-<code>generateExistingOnPolicyUpdate</code><br/>
+<code>generateExisting</code><br/>
 <em>
 bool
 </em>
 </td>
 <td>
 <em>(Optional)</em>
-<p>GenerateExistingOnPolicyUpdate controls whether to trigger generate rule in existing resources
+<p>GenerateExisting controls whether to trigger generate rule in existing resources
 If is set to &ldquo;true&rdquo; generate rule will be triggered and applied to existing matched resources.
 Defaults to &ldquo;false&rdquo; if not specified.</p>
 </td>
@@ -5638,14 +5638,14 @@ Default value is &ldquo;false&rdquo;.</p>
 </tr>
 <tr>
 <td>
-<code>generateExistingOnPolicyUpdate</code><br/>
+<code>generateExisting</code><br/>
 <em>
 bool
 </em>
 </td>
 <td>
 <em>(Optional)</em>
-<p>GenerateExistingOnPolicyUpdate controls whether to trigger generate rule in existing resources
+<p>GenerateExisting controls whether to trigger generate rule in existing resources
 If is set to &ldquo;true&rdquo; generate rule will be triggered and applied to existing matched resources.
 Defaults to &ldquo;false&rdquo; if not specified.</p>
 </td>
@@ -5863,14 +5863,14 @@ Default value is &ldquo;false&rdquo;.</p>
 </tr>
 <tr>
 <td>
-<code>generateExistingOnPolicyUpdate</code><br/>
+<code>generateExisting</code><br/>
 <em>
 bool
 </em>
 </td>
 <td>
 <em>(Optional)</em>
-<p>GenerateExistingOnPolicyUpdate controls whether to trigger generate rule in existing resources
+<p>GenerateExisting controls whether to trigger generate rule in existing resources
 If is set to &ldquo;true&rdquo; generate rule will be triggered and applied to existing matched resources.
 Defaults to &ldquo;false&rdquo; if not specified.</p>
 </td>
@@ -6716,14 +6716,14 @@ Default value is &ldquo;false&rdquo;.</p>
 </tr>
 <tr>
 <td>
-<code>generateExistingOnPolicyUpdate</code><br/>
+<code>generateExisting</code><br/>
 <em>
 bool
 </em>
 </td>
 <td>
 <em>(Optional)</em>
-<p>GenerateExistingOnPolicyUpdate controls whether to trigger generate rule in existing resources
+<p>GenerateExisting controls whether to trigger generate rule in existing resources
 If is set to &ldquo;true&rdquo; generate rule will be triggered and applied to existing matched resources.
 Defaults to &ldquo;false&rdquo; if not specified.</p>
 </td>

pkg/background/generate/generate.go

@@ -401,7 +401,7 @@ func applyRule(log logr.Logger, client dclient.Interface, rule kyvernov1.Rule, r
 		label := newResource.GetLabels()
 
 		// Add background gen-rule label if generate rule applied on existing resource
-		if policy.GetSpec().IsGenerateExistingOnPolicyUpdate() {
+		if policy.GetSpec().IsGenerateExisting() {
 			label[LabelBackgroundGenRuleName] = rule.Name
 		}
 

pkg/policy/generate.go

@@ -21,16 +21,13 @@ func (pc *PolicyController) handleGenerate(policyKey string, policy kyvernov1.Po
 	logger := pc.log.WithName("handleGenerate").WithName(policyKey)
 	logger.Info("update URs on policy event")
 
-	generateURs := pc.listGenerateURs(policyKey, nil)
-	updateUR(pc.kyvernoClient, pc.urLister.UpdateRequests(config.KyvernoNamespace()), policyKey, generateURs, pc.log.WithName("updateUR"))
-
 	for _, rule := range policy.GetSpec().Rules {
-		if err := pc.createUR(policy, rule, false); err != nil {
+		if err := pc.createURForDataRule(policy, rule, false); err != nil {
 			logger.Error(err, "failed to create UR on policy event")
 		}
 
 		var ruleType kyvernov1beta1.RequestType
-		if policy.GetSpec().IsGenerateExistingOnPolicyUpdate() {
+		if policy.GetSpec().IsGenerateExisting() {
 			ruleType = kyvernov1beta1.Generate
 			triggers := generateTriggers(pc.client, rule, pc.log)
 			for _, trigger := range triggers {
@@ -77,7 +74,7 @@ func (pc *PolicyController) createURForDownstreamDeletion(policy kyvernov1.Polic
 	for _, r := range rules {
 		generateType, sync := r.GetGenerateTypeAndSync()
 		if sync && (generateType == kyvernov1.Data) {
-			if err := pc.createUR(policy, r, true); err != nil {
+			if err := pc.createURForDataRule(policy, r, true); err != nil {
 				errs = append(errs, err)
 			}
 		}
@@ -85,7 +82,7 @@ func (pc *PolicyController) createURForDownstreamDeletion(policy kyvernov1.Polic
 	return multierr.Combine(errs...)
 }
 
-func (pc *PolicyController) createUR(policy kyvernov1.PolicyInterface, rule kyvernov1.Rule, deleteDownstream bool) error {
+func (pc *PolicyController) createURForDataRule(policy kyvernov1.PolicyInterface, rule kyvernov1.Rule, deleteDownstream bool) error {
 	generate := rule.Generation
 	if !generate.Synchronize {
 		// no action for non-sync policy/rule

pkg/policy/policy_controller.go

@@ -2,9 +2,7 @@ package policy
 
 import (
 	"context"
-	"crypto/rand"
 	"fmt"
-	"math/big"
 	"reflect"
 	"time"
 
@@ -453,29 +451,3 @@ func generateTriggers(client dclient.Interface, rule kyvernov1.Rule, log logr.Lo
 	}
 	return convertlist(list.Items)
 }
-
-func updateUR(kyvernoClient versioned.Interface, urLister kyvernov1beta1listers.UpdateRequestNamespaceLister, policyKey string, urList []*kyvernov1beta1.UpdateRequest, logger logr.Logger) {
-	for _, ur := range urList {
-		if policyKey == ur.Spec.GetPolicyKey() {
-			_, err := backgroundcommon.Update(kyvernoClient, urLister, ur.GetName(), func(ur *kyvernov1beta1.UpdateRequest) {
-				urLabels := ur.Labels
-				if len(urLabels) == 0 {
-					urLabels = make(map[string]string)
-				}
-				nBig, err := rand.Int(rand.Reader, big.NewInt(100000))
-				if err != nil {
-					logger.Error(err, "failed to generate random interger")
-				}
-				urLabels["policy-update"] = fmt.Sprintf("revision-count-%d", nBig.Int64())
-				ur.SetLabels(urLabels)
-			})
-			if err != nil {
-				logger.Error(err, "failed to update gr", "name", ur.GetName())
-				continue
-			}
-			if _, err := backgroundcommon.UpdateStatus(kyvernoClient, urLister, ur.GetName(), kyvernov1beta1.Pending, "", nil); err != nil {
-				logger.Error(err, "failed to set UpdateRequest state to Pending")
-			}
-		}
-	}
-}

test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/cluster-policy.yaml

@@ -3,7 +3,7 @@ kind: ClusterPolicy
 metadata:
   name: sync-with-multi-clone
 spec:
-  generateExistingOnPolicyUpdate: false
+  generateExisting: false
   rules:
   - name: sync-secret
     match:

test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-update/cluster-policy.yaml

@@ -3,7 +3,7 @@ kind: ClusterPolicy
 metadata:
   name: sync-with-multi-clone-update
 spec:
-  generateExistingOnPolicyUpdate: false
+  generateExisting: false
   rules:
   - name: sync-secret
     match:

test/conformance/kuttl/generate/clusterpolicy/standard/data/nosync/cpol-data-nosync-delete-downstream/01-manifests.yaml

@@ -3,7 +3,7 @@ kind: ClusterPolicy
 metadata:
   name: zk-kafka-address
 spec:
-  generateExistingOnPolicyUpdate: true
+  generateExisting: true
   rules:
   - name: k-kafka-address
     match:

test/conformance/kuttl/generate/clusterpolicy/standard/data/sync/cpol-data-sync-create/01-manifests.yaml

@@ -3,7 +3,7 @@ kind: ClusterPolicy
 metadata:
   name: zk-kafka-address
 spec:
-  generateExistingOnPolicyUpdate: false
+  generateExisting: false
   rules:
   - name: k-kafka-address
     match:

test/conformance/kuttl/generate/clusterpolicy/standard/data/sync/cpol-data-sync-delete-policy/01-manifests.yaml

@@ -3,7 +3,7 @@ kind: ClusterPolicy
 metadata:
   name: cpol-data-sync-delete-policy
 spec:
-  generateExistingOnPolicyUpdate: false
+  generateExisting: false
   rules:
   - name: cpol-data-sync-delete-rule
     match:

test/conformance/kuttl/generate/clusterpolicy/standard/data/sync/cpol-data-sync-modify-rule/01-manifests.yaml

@@ -3,7 +3,7 @@ kind: ClusterPolicy
 metadata:
   name: zk-kafka-address
 spec:
-  generateExistingOnPolicyUpdate: true
+  generateExisting: true
   rules:
   - name: k-kafka-address
     match:

test/conformance/kuttl/generate/clusterpolicy/standard/data/sync/cpol-data-sync-modify-rule/03-policy-update.yaml

@@ -3,7 +3,7 @@ kind: ClusterPolicy
 metadata:
   name: zk-kafka-address
 spec:
-  generateExistingOnPolicyUpdate: true
+  generateExisting: true
   rules:
   - name: k-kafka-address
     match:

test/conformance/kuttl/generate/clusterpolicy/standard/existing/existing-basic-create-data/policy.yaml

@@ -3,7 +3,7 @@ kind: ClusterPolicy
 metadata:
   name: existing-basic-create-data-policy
 spec:
-  generateExistingOnPolicyUpdate: true
+  generateExisting: true
   rules:
   - name: existing-basic-create-rule
     match:

test/conformance/kuttl/generate/clusterpolicy/standard/existing/existing-basic-create-preconditions-data/policy.yaml

@@ -3,7 +3,7 @@ kind: ClusterPolicy
 metadata:
   name: existing-basic-create-data-preconditions-policy
 spec:
-  generateExistingOnPolicyUpdate: true
+  generateExisting: true
   rules:
   - name: existing-basic-create-data-preconditions-rule
     match: