Indicate in report result the origin, admission, or background (#12056)

* Indicate in report result the origin, admission or background Signed-off-by: Rohanraj123 <rajrohan88293@gmail.com> * Add Null check on AsKyvernoPolicy() method Signed-off-by: Rohanraj123 <rajrohan88293@gmail.com> --------- Signed-off-by: Rohanraj123 <rajrohan88293@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>
2025-03-06 16:06:56 +00:00 · 2025-03-03 12:34:24 +05:30 · 2025-03-03 12:34:24 +05:30 · 1202eef054
commit 1202eef054
parent f2f724469d
2 changed files with 72 additions and 55 deletions
--- a/cmd/cli/kubectl-kyverno/report/report_test.go
+++ b/cmd/cli/kubectl-kyverno/report/report_test.go
@ -191,6 +191,7 @@ func TestComputePolicyReportResult(t *testing.T) {
 			Message:    "test",
 			Scored:     true,
 			Category:   "Pod Security Standards (Restricted)",
 			Properties: map[string]string{"source": "admission review"},
 			Severity:   policyreportv1alpha2.SeverityMedium,
 		},
 	}, {
@ -207,6 +208,7 @@ func TestComputePolicyReportResult(t *testing.T) {
 			Message:    "test",
 			Scored:     true,
 			Category:   "Pod Security Standards (Restricted)",
 			Properties: map[string]string{"source": "admission review"},
 			Severity:   policyreportv1alpha2.SeverityMedium,
 		},
 	}, {
@ -223,6 +225,7 @@ func TestComputePolicyReportResult(t *testing.T) {
 			Message:    "test",
 			Scored:     true,
 			Category:   "Pod Security Standards (Restricted)",
 			Properties: map[string]string{"source": "admission review"},
 			Severity:   policyreportv1alpha2.SeverityMedium,
 		},
 	}, {
@ -239,6 +242,7 @@ func TestComputePolicyReportResult(t *testing.T) {
 			Message:    "test",
 			Scored:     true,
 			Category:   "Pod Security Standards (Restricted)",
 			Properties: map[string]string{"source": "admission review"},
 			Severity:   policyreportv1alpha2.SeverityMedium,
 		},
 	}, {
@ -255,6 +259,7 @@ func TestComputePolicyReportResult(t *testing.T) {
 			Message:    "test",
 			Scored:     true,
 			Category:   "Pod Security Standards (Restricted)",
 			Properties: map[string]string{"source": "admission review"},
 			Severity:   policyreportv1alpha2.SeverityMedium,
 		},
 	}, {
@ -271,6 +276,7 @@ func TestComputePolicyReportResult(t *testing.T) {
 			Message:    "test",
 			Scored:     true,
 			Category:   "Pod Security Standards (Restricted)",
 			Properties: map[string]string{"source": "admission review"},
 			Severity:   policyreportv1alpha2.SeverityMedium,
 		},
 	}}
@ -311,7 +317,7 @@ func TestPSSComputePolicyReportResult(t *testing.T) {
 			Scored:     true,
 			Category:   "Pod Security Standards (Restricted)",
 			Severity:   policyreportv1alpha2.SeverityMedium,
-			Properties: nil,
+			Properties: map[string]string{"source": "background scan"},
 		},
 	}}
 	for _, tt := range tests {
--- a/pkg/utils/report/results.go
+++ b/pkg/utils/report/results.go
@ -106,6 +106,17 @@ func ToPolicyReportResult(pol engineapi.GenericPolicy, ruleResult engineapi.Rule
 		Category: annotations[kyverno.AnnotationPolicyCategory],
 		Severity: SeverityFromString(annotations[kyverno.AnnotationPolicySeverity]),
 	}
 	source := ""
 	if kyvernoPolicy := pol.AsKyvernoPolicy(); kyvernoPolicy != nil {
 		if kyvernoPolicy.BackgroundProcessingEnabled() {
 			source = "background scan"
 		} else if kyvernoPolicy.AdmissionProcessingEnabled() {
 			source = "admission review"
 		}
 	}
 	addProperty("source", source, &result)
 	if result.Result == "fail" && !result.Scored {
 		result.Result = "warn"
 	}