fix: remove unnecessary validation check for podSecurity rule (#9790)

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2025-03-13 19:28:55 +00:00 · 2024-02-26 08:56:51 +02:00 · 2024-02-26 08:56:51 +02:00 · 103cd460d0
commit 103cd460d0
parent 019fcaf377
2 changed files with 0 additions and 14 deletions
--- a/api/kyverno/v1/common_types.go
+++ b/api/kyverno/v1/common_types.go
@ -469,15 +469,6 @@ type PodSecurityStandard struct {
 	Values []string `json:"values,omitempty" yaml:"values,omitempty"`
 }

-// Validate checks if the values in the PodSecurityStandard struct are valid.
-func (pss *PodSecurityStandard) Validate(exclude PodSecurityStandard) error {
-	if (exclude.RestrictedField != "" && len(exclude.Values) == 0) || (exclude.RestrictedField == "" && len(exclude.Values) != 0) {
-		return fmt.Errorf("Values[] and RestrictedField must be set together")
-	}
-
-	return nil
-}
-
 // CEL allows validation checks using the Common Expression Language (https://kubernetes.io/docs/reference/using-api/cel/).
 type CEL struct {
 	// Expressions is a list of CELExpression types.
--- a/pkg/pss/evaluate.go
+++ b/pkg/pss/evaluate.go
@ -72,11 +72,6 @@ func evaluatePSS(level *api.LevelVersion, pod corev1.Pod) (results []pssutils.PS
 func exemptExclusions(defaultCheckResults, excludeCheckResults []pssutils.PSSCheckResult, exclude kyvernov1.PodSecurityStandard, pod *corev1.Pod, matching *corev1.Pod, isContainerLevelExclusion bool) ([]pssutils.PSSCheckResult, error) {
 	defaultCheckResultsMap := make(map[string]pssutils.PSSCheckResult, len(defaultCheckResults))

-	if err := exclude.Validate(exclude); err != nil {
-		fmt.Print(err)
-		return nil, err
-	}
-
 	for _, result := range defaultCheckResults {
 		defaultCheckResultsMap[result.ID] = result
 	}