diff --git a/api/kyverno/v2beta1/common_types.go b/api/kyverno/v2beta1/common_types.go
index ca106b022e..8ab462d529 100644
--- a/api/kyverno/v2beta1/common_types.go
+++ b/api/kyverno/v2beta1/common_types.go
@@ -1,9 +1,8 @@
package v2beta1
import (
+ "github.com/kyverno/kyverno/api/kyverno"
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
- "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions"
- apiextv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
)
// Validation defines checks to be performed on matching resources.
@@ -34,13 +33,15 @@ type Validation struct {
ForEachValidation []kyvernov1.ForEachValidation `json:"foreach,omitempty" yaml:"foreach,omitempty"`
// Pattern specifies an overlay-style pattern used to check resources.
- // +optional
- RawPattern *apiextv1.JSON `json:"pattern,omitempty" yaml:"pattern,omitempty"`
+ // +kubebuilder:validation:Schemaless
+ // +kubebuilder:pruning:PreserveUnknownFields
+ RawPattern *kyverno.Any `json:"pattern,omitempty" yaml:"pattern,omitempty"`
// AnyPattern specifies list of validation patterns. At least one of the patterns
// must be satisfied for the validation rule to succeed.
- // +optional
- RawAnyPattern *apiextv1.JSON `json:"anyPattern,omitempty" yaml:"anyPattern,omitempty"`
+ // +kubebuilder:validation:Schemaless
+ // +kubebuilder:pruning:PreserveUnknownFields
+ RawAnyPattern *kyverno.Any `json:"anyPattern,omitempty" yaml:"anyPattern,omitempty"`
// Deny defines conditions used to pass or fail a validation rule.
// +optional
@@ -101,7 +102,9 @@ type Deny struct {
type Condition struct {
// Key is the context entry (using JMESPath) for conditional rule evaluation.
- RawKey *apiextv1.JSON `json:"key,omitempty" yaml:"key,omitempty"`
+ // +kubebuilder:validation:Schemaless
+ // +kubebuilder:pruning:PreserveUnknownFields
+ RawKey *kyverno.Any `json:"key,omitempty" yaml:"key,omitempty"`
// Operator is the conditional operation to perform. Valid operators are:
// Equals, NotEquals, In, AnyIn, AllIn, NotIn, AnyNotIn, AllNotIn, GreaterThanOrEquals,
@@ -111,27 +114,28 @@ type Condition struct {
// Value is the conditional value, or set of values. The values can be fixed set
// or can be variables declared using JMESPath.
- // +optional
- RawValue *apiextv1.JSON `json:"value,omitempty" yaml:"value,omitempty"`
+ // +kubebuilder:validation:Schemaless
+ // +kubebuilder:pruning:PreserveUnknownFields
+ RawValue *kyverno.Any `json:"value,omitempty" yaml:"value,omitempty"`
// Message is an optional display message
Message string `json:"message,omitempty" yaml:"message,omitempty"`
}
-func (c *Condition) GetKey() apiextensions.JSON {
- return kyvernov1.FromJSON(c.RawKey)
+func (c *Condition) GetKey() any {
+ return kyverno.FromAny(c.RawKey)
}
-func (c *Condition) SetKey(in apiextensions.JSON) {
- c.RawKey = kyvernov1.ToJSON(in)
+func (c *Condition) SetKey(in any) {
+ c.RawKey = kyverno.ToAny(in)
}
-func (c *Condition) GetValue() apiextensions.JSON {
- return kyvernov1.FromJSON(c.RawValue)
+func (c *Condition) GetValue() any {
+ return kyverno.FromAny(c.RawValue)
}
-func (c *Condition) SetValue(in apiextensions.JSON) {
- c.RawValue = kyvernov1.ToJSON(in)
+func (c *Condition) SetValue(in any) {
+ c.RawValue = kyverno.ToAny(in)
}
type AnyAllConditions struct {
diff --git a/api/kyverno/v2beta1/spec_test.go b/api/kyverno/v2beta1/spec_test.go
index ff3f131d65..69da20f938 100644
--- a/api/kyverno/v2beta1/spec_test.go
+++ b/api/kyverno/v2beta1/spec_test.go
@@ -3,9 +3,9 @@ package v2beta1
import (
"testing"
+ "github.com/kyverno/kyverno/api/kyverno"
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
"gotest.tools/assert"
- apiextv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
"k8s.io/apimachinery/pkg/util/validation/field"
)
@@ -23,10 +23,8 @@ func Test_Validate_UniqueRuleName(t *testing.T) {
}},
},
Validation: Validation{
- Message: "message",
- RawAnyPattern: &apiextv1.JSON{
- Raw: []byte("{"),
- },
+ Message: "message",
+ RawAnyPattern: kyverno.ToAny("{"),
},
}, {
Name: "deny-privileged-disallowpriviligedescalation",
@@ -39,10 +37,8 @@ func Test_Validate_UniqueRuleName(t *testing.T) {
}},
}},
Validation: Validation{
- Message: "message",
- RawAnyPattern: &apiextv1.JSON{
- Raw: []byte("{"),
- },
+ Message: "message",
+ RawAnyPattern: kyverno.ToAny("{"),
},
}},
}
diff --git a/api/kyverno/v2beta1/zz_generated.deepcopy.go b/api/kyverno/v2beta1/zz_generated.deepcopy.go
index 7b1eae6591..8b1fe999e4 100755
--- a/api/kyverno/v2beta1/zz_generated.deepcopy.go
+++ b/api/kyverno/v2beta1/zz_generated.deepcopy.go
@@ -24,7 +24,6 @@ package v2beta1
import (
v1 "github.com/kyverno/kyverno/api/kyverno/v1"
admissionregistrationv1 "k8s.io/api/admissionregistration/v1"
- apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
)
@@ -305,13 +304,11 @@ func (in *Condition) DeepCopyInto(out *Condition) {
*out = *in
if in.RawKey != nil {
in, out := &in.RawKey, &out.RawKey
- *out = new(apiextensionsv1.JSON)
- (*in).DeepCopyInto(*out)
+ *out = (*in).DeepCopy()
}
if in.RawValue != nil {
in, out := &in.RawValue, &out.RawValue
- *out = new(apiextensionsv1.JSON)
- (*in).DeepCopyInto(*out)
+ *out = (*in).DeepCopy()
}
return
}
@@ -857,13 +854,11 @@ func (in *Validation) DeepCopyInto(out *Validation) {
}
if in.RawPattern != nil {
in, out := &in.RawPattern, &out.RawPattern
- *out = new(apiextensionsv1.JSON)
- (*in).DeepCopyInto(*out)
+ *out = (*in).DeepCopy()
}
if in.RawAnyPattern != nil {
in, out := &in.RawAnyPattern, &out.RawAnyPattern
- *out = new(apiextensionsv1.JSON)
- (*in).DeepCopyInto(*out)
+ *out = (*in).DeepCopy()
}
if in.Deny != nil {
in, out := &in.Deny, &out.Deny
diff --git a/docs/user/crd/index.html b/docs/user/crd/index.html
index b8b8253dce..d755e58da8 100644
--- a/docs/user/crd/index.html
+++ b/docs/user/crd/index.html
@@ -8100,9 +8100,7 @@ Kubernetes meta/v1.Time
key
-
-Kubernetes apiextensions/v1.JSON
-
+github.com/kyverno/kyverno/api/kyverno.Any
|
@@ -8129,13 +8127,10 @@ DurationLessThanOrEquals, DurationLessThan
|
value
-
-Kubernetes apiextensions/v1.JSON
-
+github.com/kyverno/kyverno/api/kyverno.Any
|
-(Optional)
Value is the conditional value, or set of values. The values can be fixed set
or can be variables declared using JMESPath.
|
@@ -9205,13 +9200,10 @@ Manifests
pattern
-
-Kubernetes apiextensions/v1.JSON
-
+github.com/kyverno/kyverno/api/kyverno.Any
|
-(Optional)
Pattern specifies an overlay-style pattern used to check resources.
|
@@ -9219,13 +9211,10 @@ Kubernetes apiextensions/v1.JSON
anyPattern
-
-Kubernetes apiextensions/v1.JSON
-
+github.com/kyverno/kyverno/api/kyverno.Any
|
-(Optional)
AnyPattern specifies list of validation patterns. At least one of the patterns
must be satisfied for the validation rule to succeed.
|
diff --git a/docs/user/crd/kyverno.v2beta1.html b/docs/user/crd/kyverno.v2beta1.html
index 495749aab6..24e728161f 100644
--- a/docs/user/crd/kyverno.v2beta1.html
+++ b/docs/user/crd/kyverno.v2beta1.html
@@ -2444,7 +2444,7 @@ and admission review request information like the name or role.
- k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1.JSON
+ github.com/kyverno/kyverno/api/kyverno.Any
@@ -2500,12 +2500,14 @@ DurationLessThanOrEquals, DurationLessThan
value
+ *
+
- k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1.JSON
+ github.com/kyverno/kyverno/api/kyverno.Any
|
@@ -4666,12 +4668,14 @@ namespace-wise. It overrides ValidationFailureAction for the specified namespace
pattern
+ *
+
- k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1.JSON
+ github.com/kyverno/kyverno/api/kyverno.Any
|
@@ -4693,12 +4697,14 @@ namespace-wise. It overrides ValidationFailureAction for the specified namespace
anyPattern
+ *
+
- k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1.JSON
+ github.com/kyverno/kyverno/api/kyverno.Any
|
diff --git a/pkg/client/applyconfigurations/kyverno/v2beta1/condition.go b/pkg/client/applyconfigurations/kyverno/v2beta1/condition.go
index 57a82b3223..2a1f9fe355 100644
--- a/pkg/client/applyconfigurations/kyverno/v2beta1/condition.go
+++ b/pkg/client/applyconfigurations/kyverno/v2beta1/condition.go
@@ -19,16 +19,16 @@ limitations under the License.
package v2beta1
import (
+ kyverno "github.com/kyverno/kyverno/api/kyverno"
v2beta1 "github.com/kyverno/kyverno/api/kyverno/v2beta1"
- v1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
)
// ConditionApplyConfiguration represents an declarative configuration of the Condition type for use
// with apply.
type ConditionApplyConfiguration struct {
- RawKey *v1.JSON `json:"key,omitempty"`
+ RawKey *kyverno.Any `json:"key,omitempty"`
Operator *v2beta1.ConditionOperator `json:"operator,omitempty"`
- RawValue *v1.JSON `json:"value,omitempty"`
+ RawValue *kyverno.Any `json:"value,omitempty"`
Message *string `json:"message,omitempty"`
}
@@ -41,7 +41,7 @@ func Condition() *ConditionApplyConfiguration {
// WithRawKey sets the RawKey field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the RawKey field is set to the value of the last call.
-func (b *ConditionApplyConfiguration) WithRawKey(value v1.JSON) *ConditionApplyConfiguration {
+func (b *ConditionApplyConfiguration) WithRawKey(value kyverno.Any) *ConditionApplyConfiguration {
b.RawKey = &value
return b
}
@@ -57,7 +57,7 @@ func (b *ConditionApplyConfiguration) WithOperator(value v2beta1.ConditionOperat
// WithRawValue sets the RawValue field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the RawValue field is set to the value of the last call.
-func (b *ConditionApplyConfiguration) WithRawValue(value v1.JSON) *ConditionApplyConfiguration {
+func (b *ConditionApplyConfiguration) WithRawValue(value kyverno.Any) *ConditionApplyConfiguration {
b.RawValue = &value
return b
}
diff --git a/pkg/client/applyconfigurations/kyverno/v2beta1/validation.go b/pkg/client/applyconfigurations/kyverno/v2beta1/validation.go
index bac8683ee2..fff237a500 100644
--- a/pkg/client/applyconfigurations/kyverno/v2beta1/validation.go
+++ b/pkg/client/applyconfigurations/kyverno/v2beta1/validation.go
@@ -19,9 +19,9 @@ limitations under the License.
package v2beta1
import (
+ kyverno "github.com/kyverno/kyverno/api/kyverno"
v1 "github.com/kyverno/kyverno/api/kyverno/v1"
kyvernov1 "github.com/kyverno/kyverno/pkg/client/applyconfigurations/kyverno/v1"
- apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
)
// ValidationApplyConfiguration represents an declarative configuration of the Validation type for use
@@ -32,8 +32,8 @@ type ValidationApplyConfiguration struct {
Message *string `json:"message,omitempty"`
Manifests *kyvernov1.ManifestsApplyConfiguration `json:"manifests,omitempty"`
ForEachValidation []kyvernov1.ForEachValidationApplyConfiguration `json:"foreach,omitempty"`
- RawPattern *apiextensionsv1.JSON `json:"pattern,omitempty"`
- RawAnyPattern *apiextensionsv1.JSON `json:"anyPattern,omitempty"`
+ RawPattern *kyverno.Any `json:"pattern,omitempty"`
+ RawAnyPattern *kyverno.Any `json:"anyPattern,omitempty"`
Deny *DenyApplyConfiguration `json:"deny,omitempty"`
PodSecurity *kyvernov1.PodSecurityApplyConfiguration `json:"podSecurity,omitempty"`
CEL *kyvernov1.CELApplyConfiguration `json:"cel,omitempty"`
@@ -98,7 +98,7 @@ func (b *ValidationApplyConfiguration) WithForEachValidation(values ...*kyvernov
// WithRawPattern sets the RawPattern field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the RawPattern field is set to the value of the last call.
-func (b *ValidationApplyConfiguration) WithRawPattern(value apiextensionsv1.JSON) *ValidationApplyConfiguration {
+func (b *ValidationApplyConfiguration) WithRawPattern(value kyverno.Any) *ValidationApplyConfiguration {
b.RawPattern = &value
return b
}
@@ -106,7 +106,7 @@ func (b *ValidationApplyConfiguration) WithRawPattern(value apiextensionsv1.JSON
// WithRawAnyPattern sets the RawAnyPattern field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the RawAnyPattern field is set to the value of the last call.
-func (b *ValidationApplyConfiguration) WithRawAnyPattern(value apiextensionsv1.JSON) *ValidationApplyConfiguration {
+func (b *ValidationApplyConfiguration) WithRawAnyPattern(value kyverno.Any) *ValidationApplyConfiguration {
b.RawAnyPattern = &value
return b
}