1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00

fix: make ApplyCommandConfig public again (#9596)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
This commit is contained in:
Charles-Edouard Brétéché 2024-02-01 15:50:58 +01:00 committed by GitHub
parent 55bdb21a46
commit 1c82ae269f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 32 additions and 32 deletions

View file

@ -43,12 +43,12 @@ import (
const divider = "----------------------------------------------------------------------" const divider = "----------------------------------------------------------------------"
type skippedInvalidPolicies struct { type SkippedInvalidPolicies struct {
skipped []string skipped []string
invalid []string invalid []string
} }
type applyCommandConfig struct { type ApplyCommandConfig struct {
KubeConfig string KubeConfig string
Context string Context string
Namespace string Namespace string
@ -71,7 +71,7 @@ type applyCommandConfig struct {
func Command() *cobra.Command { func Command() *cobra.Command {
var removeColor, detailedResults, table bool var removeColor, detailedResults, table bool
applyCommandConfig := &applyCommandConfig{} applyCommandConfig := &ApplyCommandConfig{}
cmd := &cobra.Command{ cmd := &cobra.Command{
Use: "apply", Use: "apply",
Short: command.FormatDescription(true, websiteUrl, false, description...), Short: command.FormatDescription(true, websiteUrl, false, description...),
@ -121,7 +121,7 @@ func Command() *cobra.Command {
return cmd return cmd
} }
func (c *applyCommandConfig) applyCommandHelper(out io.Writer) (*processor.ResultCounts, []*unstructured.Unstructured, skippedInvalidPolicies, []engineapi.EngineResponse, error) { func (c *ApplyCommandConfig) applyCommandHelper(out io.Writer) (*processor.ResultCounts, []*unstructured.Unstructured, SkippedInvalidPolicies, []engineapi.EngineResponse, error) {
rc, resources1, skipInvalidPolicies, responses1, err := c.checkArguments() rc, resources1, skipInvalidPolicies, responses1, err := c.checkArguments()
if err != nil { if err != nil {
return rc, resources1, skipInvalidPolicies, responses1, err return rc, resources1, skipInvalidPolicies, responses1, err
@ -202,7 +202,7 @@ func (c *applyCommandConfig) applyCommandHelper(out io.Writer) (*processor.Resul
return rc, resources1, skipInvalidPolicies, responses, nil return rc, resources1, skipInvalidPolicies, responses, nil
} }
func (c *applyCommandConfig) getMutateLogPathIsDir(skipInvalidPolicies skippedInvalidPolicies) (*processor.ResultCounts, []*unstructured.Unstructured, skippedInvalidPolicies, []engineapi.EngineResponse, error, bool) { func (c *ApplyCommandConfig) getMutateLogPathIsDir(skipInvalidPolicies SkippedInvalidPolicies) (*processor.ResultCounts, []*unstructured.Unstructured, SkippedInvalidPolicies, []engineapi.EngineResponse, error, bool) {
mutateLogPathIsDir, err := checkMutateLogPath(c.MutateLogPath) mutateLogPathIsDir, err := checkMutateLogPath(c.MutateLogPath)
if err != nil { if err != nil {
return nil, nil, skipInvalidPolicies, nil, fmt.Errorf("failed to create file/folder (%w)", err), false return nil, nil, skipInvalidPolicies, nil, fmt.Errorf("failed to create file/folder (%w)", err), false
@ -210,7 +210,7 @@ func (c *applyCommandConfig) getMutateLogPathIsDir(skipInvalidPolicies skippedIn
return nil, nil, skipInvalidPolicies, nil, err, mutateLogPathIsDir return nil, nil, skipInvalidPolicies, nil, err, mutateLogPathIsDir
} }
func (c *applyCommandConfig) applyValidatingAdmissionPolicytoResource( func (c *ApplyCommandConfig) applyValidatingAdmissionPolicytoResource(
vaps []v1alpha1.ValidatingAdmissionPolicy, vaps []v1alpha1.ValidatingAdmissionPolicy,
vapBindings []v1alpha1.ValidatingAdmissionPolicyBinding, vapBindings []v1alpha1.ValidatingAdmissionPolicyBinding,
resources []*unstructured.Unstructured, resources []*unstructured.Unstructured,
@ -236,14 +236,14 @@ func (c *applyCommandConfig) applyValidatingAdmissionPolicytoResource(
return responses, nil return responses, nil
} }
func (c *applyCommandConfig) applyPolicytoResource( func (c *ApplyCommandConfig) applyPolicytoResource(
out io.Writer, out io.Writer,
store *store.Store, store *store.Store,
vars *variables.Variables, vars *variables.Variables,
policies []kyvernov1.PolicyInterface, policies []kyvernov1.PolicyInterface,
resources []*unstructured.Unstructured, resources []*unstructured.Unstructured,
exceptions []*kyvernov2beta1.PolicyException, exceptions []*kyvernov2beta1.PolicyException,
skipInvalidPolicies *skippedInvalidPolicies, skipInvalidPolicies *SkippedInvalidPolicies,
dClient dclient.Interface, dClient dclient.Interface,
userInfo *v1beta1.RequestInfo, userInfo *v1beta1.RequestInfo,
mutateLogPathIsDir bool, mutateLogPathIsDir bool,
@ -300,7 +300,7 @@ func (c *applyCommandConfig) applyPolicytoResource(
return &rc, resources, responses, nil return &rc, resources, responses, nil
} }
func (c *applyCommandConfig) loadResources(out io.Writer, policies []kyvernov1.PolicyInterface, vap []v1alpha1.ValidatingAdmissionPolicy, dClient dclient.Interface) ([]*unstructured.Unstructured, error) { func (c *ApplyCommandConfig) loadResources(out io.Writer, policies []kyvernov1.PolicyInterface, vap []v1alpha1.ValidatingAdmissionPolicy, dClient dclient.Interface) ([]*unstructured.Unstructured, error) {
resources, err := common.GetResourceAccordingToResourcePath(out, nil, c.ResourcePaths, c.Cluster, policies, vap, dClient, c.Namespace, c.PolicyReport, "") resources, err := common.GetResourceAccordingToResourcePath(out, nil, c.ResourcePaths, c.Cluster, policies, vap, dClient, c.Namespace, c.PolicyReport, "")
if err != nil { if err != nil {
return resources, fmt.Errorf("failed to load resources (%w)", err) return resources, fmt.Errorf("failed to load resources (%w)", err)
@ -308,7 +308,7 @@ func (c *applyCommandConfig) loadResources(out io.Writer, policies []kyvernov1.P
return resources, nil return resources, nil
} }
func (c *applyCommandConfig) loadPolicies(skipInvalidPolicies skippedInvalidPolicies) (*processor.ResultCounts, []*unstructured.Unstructured, skippedInvalidPolicies, []engineapi.EngineResponse, []kyvernov1.PolicyInterface, []v1alpha1.ValidatingAdmissionPolicy, []v1alpha1.ValidatingAdmissionPolicyBinding, error) { func (c *ApplyCommandConfig) loadPolicies(skipInvalidPolicies SkippedInvalidPolicies) (*processor.ResultCounts, []*unstructured.Unstructured, SkippedInvalidPolicies, []engineapi.EngineResponse, []kyvernov1.PolicyInterface, []v1alpha1.ValidatingAdmissionPolicy, []v1alpha1.ValidatingAdmissionPolicyBinding, error) {
// load policies // load policies
var policies []kyvernov1.PolicyInterface var policies []kyvernov1.PolicyInterface
var vaps []v1alpha1.ValidatingAdmissionPolicy var vaps []v1alpha1.ValidatingAdmissionPolicy
@ -362,7 +362,7 @@ func (c *applyCommandConfig) loadPolicies(skipInvalidPolicies skippedInvalidPoli
return nil, nil, skipInvalidPolicies, nil, policies, vaps, vapBindings, nil return nil, nil, skipInvalidPolicies, nil, policies, vaps, vapBindings, nil
} }
func (c *applyCommandConfig) initStoreAndClusterClient(store *store.Store, skipInvalidPolicies skippedInvalidPolicies) (*processor.ResultCounts, []*unstructured.Unstructured, skippedInvalidPolicies, []engineapi.EngineResponse, error, dclient.Interface) { func (c *ApplyCommandConfig) initStoreAndClusterClient(store *store.Store, skipInvalidPolicies SkippedInvalidPolicies) (*processor.ResultCounts, []*unstructured.Unstructured, SkippedInvalidPolicies, []engineapi.EngineResponse, error, dclient.Interface) {
store.SetLocal(true) store.SetLocal(true)
store.SetRegistryAccess(c.RegistryAccess) store.SetRegistryAccess(c.RegistryAccess)
if c.Cluster { if c.Cluster {
@ -391,7 +391,7 @@ func (c *applyCommandConfig) initStoreAndClusterClient(store *store.Store, skipI
return nil, nil, skipInvalidPolicies, nil, err, dClient return nil, nil, skipInvalidPolicies, nil, err, dClient
} }
func (c *applyCommandConfig) cleanPreviousContent(mutateLogPathIsDir bool, skipInvalidPolicies skippedInvalidPolicies) (*processor.ResultCounts, []*unstructured.Unstructured, skippedInvalidPolicies, []engineapi.EngineResponse, error) { func (c *ApplyCommandConfig) cleanPreviousContent(mutateLogPathIsDir bool, skipInvalidPolicies SkippedInvalidPolicies) (*processor.ResultCounts, []*unstructured.Unstructured, SkippedInvalidPolicies, []engineapi.EngineResponse, error) {
// empty the previous contents of the file just in case if the file already existed before with some content(so as to perform overwrites) // empty the previous contents of the file just in case if the file already existed before with some content(so as to perform overwrites)
// the truncation of files for the case when mutateLogPath is dir, is handled under pkg/kyverno/apply/common.go // the truncation of files for the case when mutateLogPath is dir, is handled under pkg/kyverno/apply/common.go
if !mutateLogPathIsDir && c.MutateLogPath != "" { if !mutateLogPathIsDir && c.MutateLogPath != "" {
@ -405,8 +405,8 @@ func (c *applyCommandConfig) cleanPreviousContent(mutateLogPathIsDir bool, skipI
return nil, nil, skipInvalidPolicies, nil, nil return nil, nil, skipInvalidPolicies, nil, nil
} }
func (c *applyCommandConfig) checkArguments() (*processor.ResultCounts, []*unstructured.Unstructured, skippedInvalidPolicies, []engineapi.EngineResponse, error) { func (c *ApplyCommandConfig) checkArguments() (*processor.ResultCounts, []*unstructured.Unstructured, SkippedInvalidPolicies, []engineapi.EngineResponse, error) {
var skipInvalidPolicies skippedInvalidPolicies var skipInvalidPolicies SkippedInvalidPolicies
if c.ValuesFile != "" && c.Variables != nil { if c.ValuesFile != "" && c.Variables != nil {
return nil, nil, skipInvalidPolicies, nil, fmt.Errorf("pass the values either using set flag or values_file flag") return nil, nil, skipInvalidPolicies, nil, fmt.Errorf("pass the values either using set flag or values_file flag")
} }
@ -422,7 +422,7 @@ func (c *applyCommandConfig) checkArguments() (*processor.ResultCounts, []*unstr
return nil, nil, skipInvalidPolicies, nil, nil return nil, nil, skipInvalidPolicies, nil, nil
} }
func printSkippedAndInvalidPolicies(out io.Writer, skipInvalidPolicies skippedInvalidPolicies) { func printSkippedAndInvalidPolicies(out io.Writer, skipInvalidPolicies SkippedInvalidPolicies) {
if len(skipInvalidPolicies.skipped) > 0 { if len(skipInvalidPolicies.skipped) > 0 {
fmt.Fprintln(out, divider) fmt.Fprintln(out, divider)
fmt.Fprintln(out, "Policies Skipped (as required variables are not provided by the user):") fmt.Fprintln(out, "Policies Skipped (as required variables are not provided by the user):")

View file

@ -18,7 +18,7 @@ func Test_Apply(t *testing.T) {
type TestCase struct { type TestCase struct {
gitBranch string gitBranch string
expectedPolicyReports []policyreportv1alpha2.PolicyReport expectedPolicyReports []policyreportv1alpha2.PolicyReport
config applyCommandConfig config ApplyCommandConfig
stdinFile string stdinFile string
} }
// copy disallow_latest_tag.yaml to local path // copy disallow_latest_tag.yaml to local path
@ -28,7 +28,7 @@ func Test_Apply(t *testing.T) {
testcases := []*TestCase{ testcases := []*TestCase{
{ {
config: applyCommandConfig{ config: ApplyCommandConfig{
PolicyPaths: []string{"../../../../../test/best_practices/disallow_latest_tag.yaml"}, PolicyPaths: []string{"../../../../../test/best_practices/disallow_latest_tag.yaml"},
ResourcePaths: []string{"../../../../../test/resources/pod_with_version_tag.yaml"}, ResourcePaths: []string{"../../../../../test/resources/pod_with_version_tag.yaml"},
PolicyReport: true, PolicyReport: true,
@ -44,7 +44,7 @@ func Test_Apply(t *testing.T) {
}}, }},
}, },
{ {
config: applyCommandConfig{ config: ApplyCommandConfig{
PolicyPaths: []string{localFileName}, PolicyPaths: []string{localFileName},
ResourcePaths: []string{"../../../../../test/resources/pod_with_version_tag.yaml"}, ResourcePaths: []string{"../../../../../test/resources/pod_with_version_tag.yaml"},
PolicyReport: true, PolicyReport: true,
@ -60,7 +60,7 @@ func Test_Apply(t *testing.T) {
}}, }},
}, },
{ {
config: applyCommandConfig{ config: ApplyCommandConfig{
PolicyPaths: []string{"../../../../../test/best_practices/disallow_latest_tag.yaml"}, PolicyPaths: []string{"../../../../../test/best_practices/disallow_latest_tag.yaml"},
ResourcePaths: []string{"../../../../../test/resources/pod_with_latest_tag.yaml"}, ResourcePaths: []string{"../../../../../test/resources/pod_with_latest_tag.yaml"},
PolicyReport: true, PolicyReport: true,
@ -76,7 +76,7 @@ func Test_Apply(t *testing.T) {
}}, }},
}, },
{ {
config: applyCommandConfig{ config: ApplyCommandConfig{
PolicyPaths: []string{"../../../../../test/cli/apply/policies"}, PolicyPaths: []string{"../../../../../test/cli/apply/policies"},
ResourcePaths: []string{"../../../../../test/cli/apply/resource"}, ResourcePaths: []string{"../../../../../test/cli/apply/resource"},
PolicyReport: true, PolicyReport: true,
@ -92,7 +92,7 @@ func Test_Apply(t *testing.T) {
}}, }},
}, },
{ {
config: applyCommandConfig{ config: ApplyCommandConfig{
PolicyPaths: []string{"../../../../../test/best_practices/disallow_latest_tag.yaml"}, PolicyPaths: []string{"../../../../../test/best_practices/disallow_latest_tag.yaml"},
ResourcePaths: []string{"../../../../../test/resources/pod_with_latest_tag.yaml"}, ResourcePaths: []string{"../../../../../test/resources/pod_with_latest_tag.yaml"},
PolicyReport: true, PolicyReport: true,
@ -109,7 +109,7 @@ func Test_Apply(t *testing.T) {
}}, }},
}, },
{ {
config: applyCommandConfig{ config: ApplyCommandConfig{
PolicyPaths: []string{"-"}, PolicyPaths: []string{"-"},
ResourcePaths: []string{"../../../../../test/resources/pod_with_latest_tag.yaml"}, ResourcePaths: []string{"../../../../../test/resources/pod_with_latest_tag.yaml"},
PolicyReport: true, PolicyReport: true,
@ -127,7 +127,7 @@ func Test_Apply(t *testing.T) {
}}, }},
}, },
{ {
config: applyCommandConfig{ config: ApplyCommandConfig{
PolicyPaths: []string{"../../../../../test/best_practices/disallow_latest_tag.yaml"}, PolicyPaths: []string{"../../../../../test/best_practices/disallow_latest_tag.yaml"},
ResourcePaths: []string{"-"}, ResourcePaths: []string{"-"},
PolicyReport: true, PolicyReport: true,
@ -163,7 +163,7 @@ func Test_Apply(t *testing.T) {
// }}, // }},
// }, // },
{ {
config: applyCommandConfig{ config: ApplyCommandConfig{
PolicyPaths: []string{"../../../../../test/cli/apply/policies-set"}, PolicyPaths: []string{"../../../../../test/cli/apply/policies-set"},
ResourcePaths: []string{"../../../../../test/cli/apply/resources-set"}, ResourcePaths: []string{"../../../../../test/cli/apply/resources-set"},
Variables: []string{"request.operation=UPDATE"}, Variables: []string{"request.operation=UPDATE"},
@ -180,7 +180,7 @@ func Test_Apply(t *testing.T) {
}}, }},
}, },
{ {
config: applyCommandConfig{ config: ApplyCommandConfig{
PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployments-replica/policy.yaml"}, PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployments-replica/policy.yaml"},
ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployments-replica/deployment1.yaml"}, ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployments-replica/deployment1.yaml"},
PolicyReport: true, PolicyReport: true,
@ -196,7 +196,7 @@ func Test_Apply(t *testing.T) {
}}, }},
}, },
{ {
config: applyCommandConfig{ config: ApplyCommandConfig{
PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployments-replica/policy.yaml"}, PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployments-replica/policy.yaml"},
ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployments-replica/deployment2.yaml"}, ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployments-replica/deployment2.yaml"},
PolicyReport: true, PolicyReport: true,
@ -212,7 +212,7 @@ func Test_Apply(t *testing.T) {
}}, }},
}, },
{ {
config: applyCommandConfig{ config: ApplyCommandConfig{
PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/disallow-host-path/policy.yaml"}, PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/disallow-host-path/policy.yaml"},
ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/disallow-host-path/pod1.yaml"}, ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/disallow-host-path/pod1.yaml"},
PolicyReport: true, PolicyReport: true,
@ -228,7 +228,7 @@ func Test_Apply(t *testing.T) {
}}, }},
}, },
{ {
config: applyCommandConfig{ config: ApplyCommandConfig{
PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/disallow-host-path/policy.yaml"}, PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/disallow-host-path/policy.yaml"},
ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/disallow-host-path/pod2.yaml"}, ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/disallow-host-path/pod2.yaml"},
PolicyReport: true, PolicyReport: true,
@ -244,7 +244,7 @@ func Test_Apply(t *testing.T) {
}}, }},
}, },
{ {
config: applyCommandConfig{ config: ApplyCommandConfig{
PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployment-labels/policy.yaml"}, PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployment-labels/policy.yaml"},
ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployment-labels/deployment1.yaml"}, ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployment-labels/deployment1.yaml"},
PolicyReport: true, PolicyReport: true,
@ -260,7 +260,7 @@ func Test_Apply(t *testing.T) {
}}, }},
}, },
{ {
config: applyCommandConfig{ config: ApplyCommandConfig{
PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployment-labels/policy.yaml"}, PolicyPaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployment-labels/policy.yaml"},
ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployment-labels/deployment2.yaml"}, ResourcePaths: []string{"../../../../../test/cli/test-validating-admission-policy/check-deployment-labels/deployment2.yaml"},
PolicyReport: true, PolicyReport: true,
@ -276,7 +276,7 @@ func Test_Apply(t *testing.T) {
}}, }},
}, },
{ {
config: applyCommandConfig{ config: ApplyCommandConfig{
PolicyPaths: []string{"https://github.com/kyverno/policies/best-practices/require-labels/", "../../../../../test/best_practices/disallow_latest_tag.yaml"}, PolicyPaths: []string{"https://github.com/kyverno/policies/best-practices/require-labels/", "../../../../../test/best_practices/disallow_latest_tag.yaml"},
ResourcePaths: []string{"../../../../../test/resources/pod_with_version_tag.yaml"}, ResourcePaths: []string{"../../../../../test/resources/pod_with_version_tag.yaml"},
GitBranch: "main", GitBranch: "main",
@ -294,7 +294,7 @@ func Test_Apply(t *testing.T) {
}, },
{ {
// Same as the above test case but the policy paths are reordered // Same as the above test case but the policy paths are reordered
config: applyCommandConfig{ config: ApplyCommandConfig{
PolicyPaths: []string{"../../../../../test/best_practices/disallow_latest_tag.yaml", "https://github.com/kyverno/policies/best-practices/require-labels/"}, PolicyPaths: []string{"../../../../../test/best_practices/disallow_latest_tag.yaml", "https://github.com/kyverno/policies/best-practices/require-labels/"},
ResourcePaths: []string{"../../../../../test/resources/pod_with_version_tag.yaml"}, ResourcePaths: []string{"../../../../../test/resources/pod_with_version_tag.yaml"},
GitBranch: "main", GitBranch: "main",