diff --git a/cmd/cli/kubectl-kyverno/commands/apply/command.go b/cmd/cli/kubectl-kyverno/commands/apply/command.go index e51ac1d439..d276672e3d 100644 --- a/cmd/cli/kubectl-kyverno/commands/apply/command.go +++ b/cmd/cli/kubectl-kyverno/commands/apply/command.go @@ -43,12 +43,12 @@ import ( const divider = "----------------------------------------------------------------------" -type skippedInvalidPolicies struct { +type SkippedInvalidPolicies struct { skipped []string invalid []string } -type applyCommandConfig struct { +type ApplyCommandConfig struct { KubeConfig string Context string Namespace string @@ -71,7 +71,7 @@ type applyCommandConfig struct { func Command() *cobra.Command { var removeColor, detailedResults, table bool - applyCommandConfig := &applyCommandConfig{} + applyCommandConfig := &ApplyCommandConfig{} cmd := &cobra.Command{ Use: "apply", Short: command.FormatDescription(true, websiteUrl, false, description...), @@ -121,7 +121,7 @@ func Command() *cobra.Command { return cmd } -func (c *applyCommandConfig) applyCommandHelper(out io.Writer) (*processor.ResultCounts, []*unstructured.Unstructured, skippedInvalidPolicies, []engineapi.EngineResponse, error) { +func (c *ApplyCommandConfig) applyCommandHelper(out io.Writer) (*processor.ResultCounts, []*unstructured.Unstructured, SkippedInvalidPolicies, []engineapi.EngineResponse, error) { rc, resources1, skipInvalidPolicies, responses1, err := c.checkArguments() if err != nil { return rc, resources1, skipInvalidPolicies, responses1, err @@ -202,7 +202,7 @@ func (c *applyCommandConfig) applyCommandHelper(out io.Writer) (*processor.Resul return rc, resources1, skipInvalidPolicies, responses, nil } -func (c *applyCommandConfig) getMutateLogPathIsDir(skipInvalidPolicies skippedInvalidPolicies) (*processor.ResultCounts, []*unstructured.Unstructured, skippedInvalidPolicies, []engineapi.EngineResponse, error, bool) { +func (c *ApplyCommandConfig) getMutateLogPathIsDir(skipInvalidPolicies SkippedInvalidPolicies) (*processor.ResultCounts, []*unstructured.Unstructured, SkippedInvalidPolicies, []engineapi.EngineResponse, error, bool) { mutateLogPathIsDir, err := checkMutateLogPath(c.MutateLogPath) if err != nil { return nil, nil, skipInvalidPolicies, nil, fmt.Errorf("failed to create file/folder (%w)", err), false @@ -210,7 +210,7 @@ func (c *applyCommandConfig) getMutateLogPathIsDir(skipInvalidPolicies skippedIn return nil, nil, skipInvalidPolicies, nil, err, mutateLogPathIsDir } -func (c *applyCommandConfig) applyValidatingAdmissionPolicytoResource( +func (c *ApplyCommandConfig) applyValidatingAdmissionPolicytoResource( vaps []v1alpha1.ValidatingAdmissionPolicy, vapBindings []v1alpha1.ValidatingAdmissionPolicyBinding, resources []*unstructured.Unstructured, @@ -236,14 +236,14 @@ func (c *applyCommandConfig) applyValidatingAdmissionPolicytoResource( return responses, nil } -func (c *applyCommandConfig) applyPolicytoResource( +func (c *ApplyCommandConfig) applyPolicytoResource( out io.Writer, store *store.Store, vars *variables.Variables, policies []kyvernov1.PolicyInterface, resources []*unstructured.Unstructured, exceptions []*kyvernov2beta1.PolicyException, - skipInvalidPolicies *skippedInvalidPolicies, + skipInvalidPolicies *SkippedInvalidPolicies, dClient dclient.Interface, userInfo *v1beta1.RequestInfo, mutateLogPathIsDir bool, @@ -300,7 +300,7 @@ func (c *applyCommandConfig) applyPolicytoResource( return &rc, resources, responses, nil } -func (c *applyCommandConfig) loadResources(out io.Writer, policies []kyvernov1.PolicyInterface, vap []v1alpha1.ValidatingAdmissionPolicy, dClient dclient.Interface) ([]*unstructured.Unstructured, error) { +func (c *ApplyCommandConfig) loadResources(out io.Writer, policies []kyvernov1.PolicyInterface, vap []v1alpha1.ValidatingAdmissionPolicy, dClient dclient.Interface) ([]*unstructured.Unstructured, error) { resources, err := common.GetResourceAccordingToResourcePath(out, nil, c.ResourcePaths, c.Cluster, policies, vap, dClient, c.Namespace, c.PolicyReport, "") if err != nil { return resources, fmt.Errorf("failed to load resources (%w)", err) @@ -308,7 +308,7 @@ func (c *applyCommandConfig) loadResources(out io.Writer, policies []kyvernov1.P return resources, nil } -func (c *applyCommandConfig) loadPolicies(skipInvalidPolicies skippedInvalidPolicies) (*processor.ResultCounts, []*unstructured.Unstructured, skippedInvalidPolicies, []engineapi.EngineResponse, []kyvernov1.PolicyInterface, []v1alpha1.ValidatingAdmissionPolicy, []v1alpha1.ValidatingAdmissionPolicyBinding, error) { +func (c *ApplyCommandConfig) loadPolicies(skipInvalidPolicies SkippedInvalidPolicies) (*processor.ResultCounts, []*unstructured.Unstructured, SkippedInvalidPolicies, []engineapi.EngineResponse, []kyvernov1.PolicyInterface, []v1alpha1.ValidatingAdmissionPolicy, []v1alpha1.ValidatingAdmissionPolicyBinding, error) { // load policies var policies []kyvernov1.PolicyInterface var vaps []v1alpha1.ValidatingAdmissionPolicy @@ -362,7 +362,7 @@ func (c *applyCommandConfig) loadPolicies(skipInvalidPolicies skippedInvalidPoli return nil, nil, skipInvalidPolicies, nil, policies, vaps, vapBindings, nil } -func (c *applyCommandConfig) initStoreAndClusterClient(store *store.Store, skipInvalidPolicies skippedInvalidPolicies) (*processor.ResultCounts, []*unstructured.Unstructured, skippedInvalidPolicies, []engineapi.EngineResponse, error, dclient.Interface) { +func (c *ApplyCommandConfig) initStoreAndClusterClient(store *store.Store, skipInvalidPolicies SkippedInvalidPolicies) (*processor.ResultCounts, []*unstructured.Unstructured, SkippedInvalidPolicies, []engineapi.EngineResponse, error, dclient.Interface) { store.SetLocal(true) store.SetRegistryAccess(c.RegistryAccess) if c.Cluster { @@ -391,7 +391,7 @@ func (c *applyCommandConfig) initStoreAndClusterClient(store *store.Store, skipI return nil, nil, skipInvalidPolicies, nil, err, dClient } -func (c *applyCommandConfig) cleanPreviousContent(mutateLogPathIsDir bool, skipInvalidPolicies skippedInvalidPolicies) (*processor.ResultCounts, []*unstructured.Unstructured, skippedInvalidPolicies, []engineapi.EngineResponse, error) { +func (c *ApplyCommandConfig) cleanPreviousContent(mutateLogPathIsDir bool, skipInvalidPolicies SkippedInvalidPolicies) (*processor.ResultCounts, []*unstructured.Unstructured, SkippedInvalidPolicies, []engineapi.EngineResponse, error) { // empty the previous contents of the file just in case if the file already existed before with some content(so as to perform overwrites) // the truncation of files for the case when mutateLogPath is dir, is handled under pkg/kyverno/apply/common.go if !mutateLogPathIsDir && c.MutateLogPath != "" { @@ -405,8 +405,8 @@ func (c *applyCommandConfig) cleanPreviousContent(mutateLogPathIsDir bool, skipI return nil, nil, skipInvalidPolicies, nil, nil } -func (c *applyCommandConfig) checkArguments() (*processor.ResultCounts, []*unstructured.Unstructured, skippedInvalidPolicies, []engineapi.EngineResponse, error) { - var skipInvalidPolicies skippedInvalidPolicies +func (c *ApplyCommandConfig) checkArguments() (*processor.ResultCounts, []*unstructured.Unstructured, SkippedInvalidPolicies, []engineapi.EngineResponse, error) { + var skipInvalidPolicies SkippedInvalidPolicies if c.ValuesFile != "" && c.Variables != nil { return nil, nil, skipInvalidPolicies, nil, fmt.Errorf("pass the values either using set flag or values_file flag") } @@ -422,7 +422,7 @@ func (c *applyCommandConfig) checkArguments() (*processor.ResultCounts, []*unstr return nil, nil, skipInvalidPolicies, nil, nil } -func printSkippedAndInvalidPolicies(out io.Writer, skipInvalidPolicies skippedInvalidPolicies) { +func printSkippedAndInvalidPolicies(out io.Writer, skipInvalidPolicies SkippedInvalidPolicies) { if len(skipInvalidPolicies.skipped) > 0 { fmt.Fprintln(out, divider) fmt.Fprintln(out, "Policies Skipped (as required variables are not provided by the user):") diff --git a/cmd/cli/kubectl-kyverno/commands/apply/command_test.go b/cmd/cli/kubectl-kyverno/commands/apply/command_test.go index e32ef1a30b..dcb95742d5 100644 --- a/cmd/cli/kubectl-kyverno/commands/apply/command_test.go +++ b/cmd/cli/kubectl-kyverno/commands/apply/command_test.go @@ -18,7 +18,7 @@ func Test_Apply(t *testing.T) { type TestCase struct { gitBranch string expectedPolicyReports []policyreportv1alpha2.PolicyReport - config applyCommandConfig + config ApplyCommandConfig stdinFile string } // copy disallow_latest_tag.yaml to local path @@ -28,7 +28,7 @@ func Test_Apply(t *testing.T) { testcases := []*TestCase{ { - config: applyCommandConfig{ + config: ApplyCommandConfig{ PolicyPaths: []string{"../../../../../test/best_practices/disallow_latest_tag.yaml"}, ResourcePaths: []string{"../../../../../test/resources/pod_with_version_tag.yaml"}, PolicyReport: true, @@ -44,7 +44,7 @@ func Test_Apply(t *testing.T) { }}, }, { - config: applyCommandConfig{ + config: ApplyCommandConfig{ PolicyPaths: []string{localFileName}, ResourcePaths: []string{"../../../../../test/resources/pod_with_version_tag.yaml"}, PolicyReport: true, @@ -60,7 +60,7 @@ func Test_Apply(t *testing.T) { }}, }, { - config: applyCommandConfig{ + config: ApplyCommandConfig{ PolicyPaths: []string{"../../../../../test/best_practices/disallow_latest_tag.yaml"}, ResourcePaths: []string{"../../../../../test/resources/pod_with_latest_tag.yaml"}, PolicyReport: true, @@ -76,7 +76,7 @@ func Test_Apply(t *testing.T) { }}, }, { - config: applyCommandConfig{ + config: ApplyCommandConfig{ PolicyPaths: []string{"../../../../../test/cli/apply/policies"}, ResourcePaths: []string{"../../../../../test/cli/apply/resource"}, PolicyReport: true, @@ -92,7 +92,7 @@ func Test_Apply(t *testing.T) { }}, }, { - config: applyCommandConfig{ + config: ApplyCommandConfig{ PolicyPaths: []string{"../../../../../test/best_practices/disallow_latest_tag.yaml"}, ResourcePaths: []string{"../../../../../test/resources/pod_with_latest_tag.yaml"}, PolicyReport: true, @@ -109,7 +109,7 @@ func Test_Apply(t *testing.T) { }}, }, { - config: applyCommandConfig{ + config: ApplyCommandConfig{ PolicyPaths: []string{"-"}, ResourcePaths: []string{"../../../../../test/resources/pod_with_latest_tag.yaml"}, PolicyReport: true, @@ -127,7 +127,7 @@ func Test_Apply(t *testing.T) { }}, }, { - config: applyCommandConfig{ + config: ApplyCommandConfig{ PolicyPaths: []string{"../../../../../test/best_practices/disallow_latest_tag.yaml"}, ResourcePaths: []string{"-"}, PolicyReport: true, @@ -163,7 +163,7 @@ func Test_Apply(t *testing.T) { // }}, // }, { - config: applyCommandConfig{ + config: ApplyCommandConfig{ PolicyPaths: []string{"../../../../../test/cli/apply/policies-set"}, ResourcePaths: []string{"../../../../../test/cli/apply/resources-set"}, Variables: []string{"request.operation=UPDATE"}, @@ -180,7 +180,7 @@ func Test_Apply(t *testing.T) { }}, }, { - config: applyCommandConfig{ + config: ApplyCommandConfig{ PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployments-replica/policy.yaml"}, ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployments-replica/deployment1.yaml"}, PolicyReport: true, @@ -196,7 +196,7 @@ func Test_Apply(t *testing.T) { }}, }, { - config: applyCommandConfig{ + config: ApplyCommandConfig{ PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployments-replica/policy.yaml"}, ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployments-replica/deployment2.yaml"}, PolicyReport: true, @@ -212,7 +212,7 @@ func Test_Apply(t *testing.T) { }}, }, { - config: applyCommandConfig{ + config: ApplyCommandConfig{ PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/disallow-host-path/policy.yaml"}, ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/disallow-host-path/pod1.yaml"}, PolicyReport: true, @@ -228,7 +228,7 @@ func Test_Apply(t *testing.T) { }}, }, { - config: applyCommandConfig{ + config: ApplyCommandConfig{ PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/disallow-host-path/policy.yaml"}, ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/disallow-host-path/pod2.yaml"}, PolicyReport: true, @@ -244,7 +244,7 @@ func Test_Apply(t *testing.T) { }}, }, { - config: applyCommandConfig{ + config: ApplyCommandConfig{ PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployment-labels/policy.yaml"}, ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployment-labels/deployment1.yaml"}, PolicyReport: true, @@ -260,7 +260,7 @@ func Test_Apply(t *testing.T) { }}, }, { - config: applyCommandConfig{ + config: ApplyCommandConfig{ PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployment-labels/policy.yaml"}, ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployment-labels/deployment2.yaml"}, PolicyReport: true, @@ -276,7 +276,7 @@ func Test_Apply(t *testing.T) { }}, }, { - config: applyCommandConfig{ + config: ApplyCommandConfig{ PolicyPaths: []string{"https://github.com/kyverno/policies/best-practices/require-labels/", "../../../../../test/best_practices/disallow_latest_tag.yaml"}, ResourcePaths: []string{"../../../../../test/resources/pod_with_version_tag.yaml"}, GitBranch: "main", @@ -294,7 +294,7 @@ func Test_Apply(t *testing.T) { }, { // Same as the above test case but the policy paths are reordered - config: applyCommandConfig{ + config: ApplyCommandConfig{ PolicyPaths: []string{"../../../../../test/best_practices/disallow_latest_tag.yaml", "https://github.com/kyverno/policies/best-practices/require-labels/"}, ResourcePaths: []string{"../../../../../test/resources/pod_with_version_tag.yaml"}, GitBranch: "main",