mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-31 03:45:17 +00:00
Code Activity

fix: allow delete of target resource with synchronize false ()

Browse source 
Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>

Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
This commit is contained in:
Prateek Pandey 2022-10-21 01:11:57 +05:30 committed by GitHub
parent 96f0523d5a
commit 2078f0dfd2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 10 additions and 6 deletions
pkg/background
common
util.go
generate
generate.go
test/e2e/generate
config.go

2
pkg/background/common/util.go
View file

@ -32,7 +32,7 @@ func Update(client versioned.Interface, urLister kyvernov1beta1listers.UpdateReq
if err != nil {
logging.Error(err, "failed to update update request", "name", name)
} else {
logging.V(3).Info("updated update request", "name", name, "status")
logging.V(3).Info("updated update request", "name", name)
}
return ur, err
}

8
pkg/background/generate/generate.go
View file

@ -436,7 +436,7 @@ func applyRule(log logr.Logger, client dclient.Interface, rule kyvernov1.Rule, r
} else if len(rule.Generation.CloneList.Kinds) != 0 {
rdatas = manageCloneList(logger, genNamespace, policy.GetName(), rule.Generation, client)
} else {
dresp, mode, err = manageData(logger, genAPIVersion, genKind, genNamespace, genName, rule.Generation.RawData, client)
dresp, mode, err = manageData(logger, genAPIVersion, genKind, genNamespace, genName, rule.Generation.RawData, rule.Generation.Synchronize, ur, client)
rdatas = append(rdatas, GenerateResponse{
Data: dresp,
Action: mode,
@ -586,7 +586,7 @@ func newGenResource(genAPIVersion, genKind, genNamespace, genName string) kyvern
return newGenResource
}
func manageData(log logr.Logger, apiVersion, kind, namespace, name string, data interface{}, client dclient.Interface) (map[string]interface{}, ResourceMode, error) {
func manageData(log logr.Logger, apiVersion, kind, namespace, name string, data interface{}, synchronize bool, ur kyvernov1beta1.UpdateRequest, client dclient.Interface) (map[string]interface{}, ResourceMode, error) {
resource, err := kyvernoutils.ToMap(data)
if err != nil {
return nil, Skip, err
@ -594,6 +594,10 @@ func manageData(log logr.Logger, apiVersion, kind, namespace, name string, data
obj, err := client.GetResource(apiVersion, kind, namespace, name)
if err != nil {
if apierrors.IsNotFound(err) && len(ur.Status.GeneratedResources) != 0 && !synchronize {
log.V(4).Info("synchronize is disable - skip re-create", "resource", obj)
return nil, Skip, nil
}
if apierrors.IsNotFound(err) {
return resource, Create, nil
}

6
test/e2e/generate/config.go
View file

@ -175,9 +175,9 @@ var generateSynchronizeFlagTests = []testCase{
TestName: "test-generate-policy-for-namespace-with-label",
ClusterPolicy: clusterPolicy(genNetworkPolicyYaml),
TriggerResource: namespace(namespaceWithLabelYaml),
ExpectedResources: expectations(
expectation(idNetworkPolicy("test", "allow-dns")),
),
// expectation is resource should no longer exists once deleted
// if sync is set to false
Steps: []testCaseStep{
stepBy("When synchronize flag is set to true in the policy and someone deletes the generated resource, kyverno generates back the resource"),
stepDeleteResource(npGVR, "test", "allow-dns"),