create events for policy and resource

pkg/controller/controller.go

@@ -180,51 +180,50 @@ func (pc *PolicyController) syncHandler(obj interface{}) error {
 	//TODO: processPolicy
 	glog.Infof("process policy %s on existing resources", policy.GetName())
 	policyInfos := engine.ProcessExisting(pc.client, policy)
-	createEvents(pc.eventController, policyInfos)
+	events := createEvents(pc.eventController, policyInfos)
+	for _, e := range events {
+		pc.eventController.Add(e)
+	}
 	return nil
 }
 
-func createEvents(eventController event.Generator, policyInfos []*info.PolicyInfo) {
+func createEvents(eventController event.Generator, policyInfos []*info.PolicyInfo) []event.Info {
 	events := []event.Info{}
 	// Create events from the policyInfo
 	for _, policyInfo := range policyInfos {
 		fruleNames := []string{}
 		sruleNames := []string{}
-		if !policyInfo.IsSuccessful() {
-			// Create Policy Violation on Policy for Mutation rules
-			// Create Event on Resource for Mutation rules
-			for _, rule := range policyInfo.Rules {
-				if rule.RuleType == info.Mutation {
-					fruleNames = append(fruleNames, rule.Name)
-					e := event.NewEvent(policyInfo.RKind, policyInfo.RNamespace, policyInfo.RName, event.PolicyViolation, event.FProcessRule, rule.Name, policyInfo.Name)
-					events = append(events, e)
-				}
-				// Create Policy Violation for Generation rules
-				if rule.RuleType == info.Generation {
-					fruleNames = append(fruleNames, rule.Name)
-					e := event.NewEvent(policyInfo.RKind, policyInfo.RNamespace, policyInfo.RName, event.PolicyViolation, event.FProcessRule, rule.Name, policyInfo.Name)
-					events = append(events, e)
 
+		for _, rule := range policyInfo.Rules {
+			if !rule.IsSuccessful() {
+				e := event.Info{}
+				fruleNames = append(fruleNames, rule.Name)
+				switch rule.RuleType {
+				case info.Mutation, info.Validation, info.Generation:
+					e = event.NewEvent(policyInfo.RKind, policyInfo.RNamespace, policyInfo.RName, event.PolicyViolation, event.FProcessRule, rule.Name, policyInfo.Name)
+				default:
+					glog.Info("Unsupported Rule type")
 				}
-				// Create Policy Violation for Violation rules
-				if rule.RuleType == info.Generation {
-					fruleNames = append(fruleNames, rule.Name)
-					// create a mutaton event
-					e := event.NewEvent(policyInfo.RKind, policyInfo.RNamespace, policyInfo.RName, event.PolicyViolation, event.FProcessRule, rule.Name, policyInfo.Name)
-					events = append(events, e)
-				}
+				fruleNames = append(fruleNames, rule.Name)
+				events = append(events, e)
+			} else {
 				sruleNames = append(sruleNames, rule.Name)
 			}
-			// Create Event
+		}
+
+		if !policyInfo.IsSuccessful() {
+			// build Events
 			// list of failed rules : ruleNames
-			e := event.NewEvent("Policy", policyInfo.RNamespace, policyInfo.RName, event.PolicyViolation, event.FResourcePolcy, policyInfo.RNamespace+"/"+policyInfo.RName, strings.Join(fruleNames, ";"))
+			e := event.NewEvent("Policy", "", policyInfo.Name, event.PolicyViolation, event.FResourcePolcy, policyInfo.RNamespace+"/"+policyInfo.RName, strings.Join(fruleNames, ";"))
 			events = append(events, e)
 		} else {
 			// Policy was processed succesfully
-			e := event.NewEvent("Policy", policyInfo.RNamespace, policyInfo.RName, event.PolicyApplied, event.SPolicyApply, policyInfo.Name)
+			e := event.NewEvent("Policy", "", policyInfo.Name, event.PolicyApplied, event.SPolicyApply, policyInfo.Name)
 			events = append(events, e)
 			// Policy applied succesfully on resource
 			e = event.NewEvent(policyInfo.RKind, policyInfo.RNamespace, policyInfo.RName, event.PolicyApplied, event.SRuleApply, strings.Join(sruleNames, ";"), policyInfo.RName)
+			events = append(events, e)
 		}
 	}
+	return events
 }

pkg/engine/engine.go

@@ -17,7 +17,7 @@ import (
 
 // ProcessExisting checks for mutation and validation violations of existing resources
 func ProcessExisting(client *client.Client, policy *types.Policy) []*info.PolicyInfo {
-	glog.Info("Applying policy %s on existing resources", policy.Name)
+	glog.Infof("Applying policy %s on existing resources", policy.Name)
 	// policyInfo := info.NewPolicyInfo(policy.Name,
 	// 	rname,
 	// 	rns)
@@ -29,7 +29,7 @@ func ProcessExisting(client *client.Client, policy *types.Policy) []*info.Policy
 			gvr := client.DiscoveryClient.GetGVRFromKind(k)
 			// label selectors
 			// namespace ? should it be default or allow policy to specify it
-			list, err := client.ListResource(gvr.Resource, "", rule.ResourceDescription.Selector)
+			list, err := client.ListResource(gvr.Resource, "default", rule.ResourceDescription.Selector)
 			if err != nil {
 				glog.Errorf("unable to list resource for %s with label selector %s", gvr.Resource, rule.Selector.String())
 				glog.Errorf("unable to apply policy %s rule %s. err: %s", policy.Name, rule.Name, err)
@@ -110,7 +110,7 @@ func mutation(p *types.Policy, rawResource []byte, gvk *metav1.GroupVersionKind)
 	}
 	// compare (original Resource + patch) vs (original resource)
 	// to verify if they are equal
-	ruleInfo := info.NewRuleInfo("mutation rules", info.Mutation)
+	ruleInfo := info.NewRuleInfo("over-all mutation", info.Mutation)
 	if !jsonpatch.Equal(patchedResource, rawResource) {
 		//resource does not match so there was a mutation rule violated
 		// TODO : check the rule name "mutation rules"

pkg/event/controller.go

@@ -131,7 +131,7 @@ func (c *controller) SyncHandler(key Info) error {
 	switch key.Kind {
 	case "Policy":
 		//TODO: policy is clustered resource so wont need namespace
-		robj, err = c.policyLister.Get(key.Reason)
+		robj, err = c.policyLister.Get(key.Name)
 		if err != nil {
 			glog.Errorf("unable to create event for policy %s, will retry ", key.Name)
 			return err
@@ -154,7 +154,7 @@ func (c *controller) SyncHandler(key Info) error {
 
 //NewEvent returns a new event
 func NewEvent(rkind string, rnamespace string, rname string, reason Reason, message MsgKey, args ...interface{}) Info {
-	msgText, err := getEventMsg(message, args)
+	msgText, err := getEventMsg(message, args...)
 	if err != nil {
 		glog.Error(err)
 	}

pkg/event/msgbuilder.go

@@ -21,13 +21,13 @@ const (
 
 func (k MsgKey) String() string {
 	return [...]string{
-		"Failed to satisfy policy on resource %s.The following rules %s failed to apply. Created Policy Violation",
-		"Failed to process rule %s of policy %s. Created Policy Violation",
-		"Policy applied successfully on the resource %s",
-		"Rules %s of Policy %s applied successful",
-		"Failed to apply policy, blocked creation of resource %s. The following rules %s failed to apply",
-		"Failed to apply rule %s of policy %s Blocked update of the resource",
-		"Failed to apply policy on resource %s.Blocked update of the resource. The following rules %s failed to apply",
+		"Failed to satisfy policy on resource '%s'.The following rules '%s' failed to apply. Created Policy Violation",
+		"Failed to process rule '%s' of policy '%s'. Created Policy Violation",
+		"Policy applied successfully on the resource '%s'",
+		"Rules '%s' of Policy '%s' applied successful",
+		"Failed to apply policy, blocked creation of resource '%s'. The following rules '%s' failed to apply",
+		"Failed to apply rule '%s' of policy '%s' Blocked update of the resource",
+		"Failed to apply policy on resource '%s'.Blocked update of the resource. The following rules '%s' failed to apply",
 	}[k]
 }
 

pkg/info/info.go

@@ -111,5 +111,6 @@ func (pi *PolicyInfo) AddRuleInfos(rules []*RuleInfo) {
 	if !RulesSuccesfuly(rules) {
 		pi.success = false
 	}
-	pi.Rules = rules
+
+	pi.Rules = append(pi.Rules, rules...)
 }