mirror of
https://github.com/kyverno/kyverno.git
synced 2025-01-20 18:52:16 +00:00
get name + namespace as arguments
This commit is contained in:
parent
42d24f6cc7
commit
1919bf1809
4 changed files with 41 additions and 46 deletions
|
@ -6,7 +6,6 @@ import (
|
|||
"time"
|
||||
|
||||
"github.com/nirmata/kyverno/pkg/info"
|
||||
"github.com/nirmata/kyverno/pkg/result"
|
||||
|
||||
"github.com/nirmata/kyverno/pkg/engine"
|
||||
|
||||
|
@ -197,13 +196,13 @@ func createEvents(eventController event.Generator, policyInfos []*info.PolicyInf
|
|||
for _, rule := range policyInfo.Rules {
|
||||
if rule.RuleType == info.Mutation {
|
||||
fruleNames = append(fruleNames, rule.Name)
|
||||
e := event.NewEvent(policyInfo.Kind, policyInfo.Resource, result.Violation, event.FProcessRule, rule.Name, policyInfo.Name)
|
||||
e := event.NewEvent(policyInfo.RKind, policyInfo.RNamespace, policyInfo.RName, event.PolicyViolation, event.FProcessRule, rule.Name, policyInfo.Name)
|
||||
events = append(events, e)
|
||||
}
|
||||
// Create Policy Violation for Generation rules
|
||||
if rule.RuleType == info.Generation {
|
||||
fruleNames = append(fruleNames, rule.Name)
|
||||
e := event.NewEvent(policyInfo.Kind, policyInfo.Resource, result.Violation, event.FProcessRule, rule.Name, policyInfo.Name)
|
||||
e := event.NewEvent(policyInfo.RKind, policyInfo.RNamespace, policyInfo.RName, event.PolicyViolation, event.FProcessRule, rule.Name, policyInfo.Name)
|
||||
events = append(events, e)
|
||||
|
||||
}
|
||||
|
@ -211,21 +210,21 @@ func createEvents(eventController event.Generator, policyInfos []*info.PolicyInf
|
|||
if rule.RuleType == info.Generation {
|
||||
fruleNames = append(fruleNames, rule.Name)
|
||||
// create a mutaton event
|
||||
e := event.NewEvent(policyInfo.Kind, policyInfo.Resource, result.Violation, event.FProcessRule, rule.Name, policyInfo.Name)
|
||||
e := event.NewEvent(policyInfo.RKind, policyInfo.RNamespace, policyInfo.RName, event.PolicyViolation, event.FProcessRule, rule.Name, policyInfo.Name)
|
||||
events = append(events, e)
|
||||
}
|
||||
sruleNames = append(sruleNames, rule.Name)
|
||||
}
|
||||
// Create Event
|
||||
// list of failed rules : ruleNames
|
||||
e := event.NewEvent("Policy", policyInfo.Name, result.Violation, event.FResourcePolcy, policyInfo.Name+"/"+policyInfo.Namespace, strings.Join(fruleNames, ";"))
|
||||
e := event.NewEvent("Policy", policyInfo.RNamespace, policyInfo.RName, event.PolicyViolation, event.FResourcePolcy, policyInfo.RNamespace+"/"+policyInfo.RName, strings.Join(fruleNames, ";"))
|
||||
events = append(events, e)
|
||||
} else {
|
||||
// Policy was processed succesfully
|
||||
e := event.NewEvent("Policy", policyInfo.Name, result.Success, event.SPolicyApply, policyInfo.Name)
|
||||
e := event.NewEvent("Policy", policyInfo.RNamespace, policyInfo.RName, event.PolicyApplied, event.SPolicyApply, policyInfo.Name)
|
||||
events = append(events, e)
|
||||
// Policy applied succesfully on resource
|
||||
e = event.NewEvent(policyInfo.Kind, policyInfo.Name, result.Success, event.SRuleApply, strings.Join(sruleNames, ";"), policyInfo.Name)
|
||||
e = event.NewEvent(policyInfo.RKind, policyInfo.RNamespace, policyInfo.RName, event.PolicyApplied, event.SRuleApply, strings.Join(sruleNames, ";"), policyInfo.RName)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -9,14 +9,12 @@ import (
|
|||
policyscheme "github.com/nirmata/kyverno/pkg/client/clientset/versioned/scheme"
|
||||
v1alpha1 "github.com/nirmata/kyverno/pkg/client/listers/policy/v1alpha1"
|
||||
client "github.com/nirmata/kyverno/pkg/dclient"
|
||||
"github.com/nirmata/kyverno/pkg/result"
|
||||
"github.com/nirmata/kyverno/pkg/sharedinformer"
|
||||
v1 "k8s.io/api/core/v1"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
|
||||
"k8s.io/apimachinery/pkg/util/wait"
|
||||
typedcorev1 "k8s.io/client-go/kubernetes/typed/core/v1"
|
||||
"k8s.io/client-go/tools/cache"
|
||||
"k8s.io/client-go/tools/record"
|
||||
"k8s.io/client-go/util/workqueue"
|
||||
)
|
||||
|
@ -115,7 +113,7 @@ func (c *controller) processNextWorkItem() bool {
|
|||
// Run the syncHandler, passing the resource and the policy
|
||||
if err := c.SyncHandler(key); err != nil {
|
||||
c.queue.AddRateLimited(key)
|
||||
return fmt.Errorf("error syncing '%s' : %s, requeuing event creation request", key.Resource, err.Error())
|
||||
return fmt.Errorf("error syncing '%s' : %s, requeuing event creation request", key.Namespace+"/"+key.Name, err.Error())
|
||||
}
|
||||
return nil
|
||||
}(obj)
|
||||
|
@ -127,46 +125,43 @@ func (c *controller) processNextWorkItem() bool {
|
|||
}
|
||||
|
||||
func (c *controller) SyncHandler(key Info) error {
|
||||
var resource runtime.Object
|
||||
var robj runtime.Object
|
||||
var err error
|
||||
|
||||
switch key.Kind {
|
||||
case "Policy":
|
||||
//TODO: policy is clustered resource so wont need namespace
|
||||
resource, err = c.policyLister.Get(key.Resource)
|
||||
robj, err = c.policyLister.Get(key.Reason)
|
||||
if err != nil {
|
||||
glog.Errorf("unable to create event for policy %s, will retry ", key.Resource)
|
||||
glog.Errorf("unable to create event for policy %s, will retry ", key.Name)
|
||||
return err
|
||||
}
|
||||
default:
|
||||
namespace, name, err := cache.SplitMetaNamespaceKey(key.Resource)
|
||||
resource := c.client.DiscoveryClient.GetGVRFromKind(key.Kind).Resource
|
||||
robj, err = c.client.GetResource(resource, key.Namespace, key.Name)
|
||||
if err != nil {
|
||||
glog.Errorf("invalid resource key: %s", key.Resource)
|
||||
return err
|
||||
}
|
||||
rName := c.client.DiscoveryClient.GetGVRFromKind(key.Kind).Resource
|
||||
resource, err = c.client.GetResource(rName, namespace, name)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if err != nil {
|
||||
glog.Errorf("unable to create event for resource %s, will retry ", key.Resource)
|
||||
glog.Errorf("unable to create event for resource %s, will retry ", key.Namespace+"/"+key.Name)
|
||||
return err
|
||||
}
|
||||
}
|
||||
c.recorder.Event(resource, v1.EventTypeNormal, key.Reason, key.Message)
|
||||
if key.Reason == PolicyApplied.String() {
|
||||
c.recorder.Event(robj, v1.EventTypeNormal, key.Reason, key.Message)
|
||||
} else {
|
||||
c.recorder.Event(robj, v1.EventTypeWarning, key.Reason, key.Message)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
//NewEvent returns a new event
|
||||
func NewEvent(kind string, resource string, reason result.Reason, message MsgKey, args ...interface{}) Info {
|
||||
func NewEvent(rkind string, rnamespace string, rname string, reason Reason, message MsgKey, args ...interface{}) Info {
|
||||
msgText, err := getEventMsg(message, args)
|
||||
if err != nil {
|
||||
glog.Error(err)
|
||||
}
|
||||
return Info{
|
||||
Kind: kind,
|
||||
Resource: resource,
|
||||
Kind: rkind,
|
||||
Name: rname,
|
||||
Namespace: rnamespace,
|
||||
Reason: reason.String(),
|
||||
Message: msgText,
|
||||
}
|
||||
|
|
|
@ -9,7 +9,8 @@ const eventWorkerThreadCount = 1
|
|||
//Info defines the event details
|
||||
type Info struct {
|
||||
Kind string
|
||||
Resource string
|
||||
Name string
|
||||
Namespace string
|
||||
Reason string
|
||||
Message string
|
||||
}
|
||||
|
|
|
@ -8,20 +8,20 @@ import (
|
|||
//PolicyInfo defines policy information
|
||||
type PolicyInfo struct {
|
||||
Name string
|
||||
Resource string
|
||||
Kind string
|
||||
Namespace string
|
||||
success bool
|
||||
RKind string
|
||||
RName string
|
||||
RNamespace string
|
||||
Rules []*RuleInfo
|
||||
success bool
|
||||
}
|
||||
|
||||
//NewPolicyInfo returns a new policy info
|
||||
func NewPolicyInfo(policyName string, kind string, resource string, ns string) *PolicyInfo {
|
||||
func NewPolicyInfo(policyName string, rKind string, rName string, rNamespace string) *PolicyInfo {
|
||||
return &PolicyInfo{
|
||||
Name: policyName,
|
||||
Resource: resource,
|
||||
Kind: kind,
|
||||
Namespace: ns,
|
||||
RKind: rKind,
|
||||
RName: rName,
|
||||
RNamespace: rNamespace,
|
||||
success: true, // fail to be set explicity
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Add table
Reference in a new issue