removed condition type and missingAutoGenRules (#5964)

Signed-off-by: Vishal Choudhary <contactvishaltech@gmail.com> Signed-off-by: Vishal Choudhary <contactvishaltech@gmail.com> Co-authored-by: shuting <shuting@nirmata.com>
2025-03-29 19:05:27 +00:00 · 2023-01-11 11:32:44 +05:30 · 2023-01-11 11:32:44 +05:30 · 232ff79cd8
commit 232ff79cd8
parent ce4f6ac420
3 changed files with 0 additions and 94 deletions
--- a/pkg/policy/condition.go
+++ b/pkg/policy/condition.go
@ -1,13 +0,0 @@
-package policy
-
-// Condition defines condition type
-type Condition int
-
-const (
-	// NotEvaluate to not evaluate condition
-	NotEvaluate Condition = 0
-	// Process to evaluate condition
-	Process Condition = 1
-	// Skip to ignore/skip the condition
-	Skip Condition = 2
-)
--- a/pkg/policy/policy_controller.go
+++ b/pkg/policy/policy_controller.go
@ -6,7 +6,6 @@ import (
 	"fmt"
 	"math/big"
 	"reflect"
-	"strings"
 	"time"

 	"github.com/go-logr/logr"
@ -31,7 +30,6 @@ import (
 	kubeutils "github.com/kyverno/kyverno/pkg/utils/kube"
 	"github.com/pkg/errors"
 	"go.uber.org/multierr"
-	"golang.org/x/exp/slices"
 	corev1 "k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@ -594,42 +592,3 @@ func updateUR(kyvernoClient versioned.Interface, urLister kyvernov1beta1listers.
 		}
 	}
 }
-
-func missingAutoGenRules(policy kyvernov1.PolicyInterface, log logr.Logger) bool {
-	var podRuleName []string
-	ruleCount := 1
-	spec := policy.GetSpec()
-	if canApplyAutoGen, _ := autogen.CanAutoGen(spec); canApplyAutoGen {
-		for _, rule := range autogen.ComputeRules(policy) {
-			podRuleName = append(podRuleName, rule.Name)
-		}
-	}
-
-	if len(podRuleName) > 0 {
-		annotations := policy.GetAnnotations()
-		val, ok := annotations[kyvernov1.PodControllersAnnotation]
-		if !ok {
-			return true
-		}
-		if val == "none" {
-			return false
-		}
-		res := strings.Split(val, ",")
-
-		if len(res) == 1 {
-			ruleCount = 2
-		}
-		if len(res) > 1 {
-			if slices.Contains(res, "CronJob") {
-				ruleCount = 3
-			} else {
-				ruleCount = 2
-			}
-		}
-
-		if len(autogen.ComputeRules(policy)) != (ruleCount * len(podRuleName)) {
-			return true
-		}
-	}
-	return false
-}
--- a/pkg/policy/validate_test.go
+++ b/pkg/policy/validate_test.go
@ -3,11 +3,9 @@ package policy
 import (
 	"encoding/json"
 	"errors"
-	"fmt"
 	"testing"

 	kyverno "github.com/kyverno/kyverno/api/kyverno/v1"
-	"github.com/kyverno/kyverno/pkg/logging"
 	"github.com/kyverno/kyverno/pkg/openapi"
 	"gotest.tools/assert"
 	"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions"
@ -954,44 +952,6 @@ func Test_Validate_Any_Kind(t *testing.T) {
 	assert.Assert(t, err != nil)
 }

-func Test_checkAutoGenRules(t *testing.T) {
-	testCases := []struct {
-		name           string
-		policy         []byte
-		expectedResult bool
-	}{
-		{
-			name:           "rule-missing-autogen-cronjob",
-			policy:         []byte(`{"apiVersion":"kyverno.io/v1","kind":"ClusterPolicy","metadata":{"name":"test","annotations":{"pod-policies.kyverno.io/autogen-controllers":"Deployment,CronJob"}},"spec":{"rules":[{"match":{"resources":{"kinds":["Pod"]}},"name":"block-old-flux","validate":{"message":"CannotuseoldFluxv1annotation.","pattern":{"metadata":{"=(annotations)":{"X(fluxcd.io/*)":"*?"}}}}},{"match":{"resources":{"kinds":["Deployment"]}},"name":"autogen-block-old-flux","validate":{"message":"CannotuseoldFluxv1annotation.","pattern":{"spec":{"template":{"metadata":{"=(annotations)":{"X(fluxcd.io/*)":"*?"}}}}}}}]}}`),
-			expectedResult: true,
-		},
-		{
-			name:           "rule-missing-autogen-deployment",
-			policy:         []byte(`{"apiVersion":"kyverno.io/v1","kind":"ClusterPolicy","metadata":{"name":"test","annotations":{"pod-policies.kyverno.io/autogen-controllers":"Deployment,CronJob"}},"spec":{"rules":[{"match":{"resources":{"kinds":["Pod"]}},"name":"block-old-flux","validate":{"message":"CannotuseoldFluxv1annotation.","pattern":{"metadata":{"=(annotations)":{"X(fluxcd.io/*)":"*?"}}}}},{"match":{"resources":{"kinds":["CronJob"]}},"name":"autogen-cronjob-block-old-flux","validate":{"message":"CannotuseoldFluxv1annotation.","pattern":{"spec":{"jobTemplate":{"spec":{"template":{"metadata":{"=(annotations)":{"X(fluxcd.io/*)":"*?"}}}}}}}}}]}}`),
-			expectedResult: true,
-		},
-		{
-			name:           "rule-missing-autogen-all",
-			policy:         []byte(`{"apiVersion":"kyverno.io/v1","kind":"ClusterPolicy","metadata":{"name":"test","annotations":{"pod-policies.kyverno.io/autogen-controllers":"Deployment,CronJob,StatefulSet,Job,DaemonSet"}},"spec":{"rules":[{"match":{"resources":{"kinds":["Pod"]}},"name":"block-old-flux","validate":{"message":"CannotuseoldFluxv1annotation.","pattern":{"metadata":{"=(annotations)":{"X(fluxcd.io/*)":"*?"}}}}}]}}`),
-			expectedResult: true,
-		},
-		{
-			name:           "rule-with-autogen-disabled",
-			policy:         []byte(`{"apiVersion":"kyverno.io/v1","kind":"ClusterPolicy","metadata":{"name":"test","annotations":{"pod-policies.kyverno.io/autogen-controllers":"none"}},"spec":{"rules":[{"match":{"resources":{"kinds":["Pod"]}},"name":"block-old-flux","validate":{"message":"CannotuseoldFluxv1annotation.","pattern":{"metadata":{"=(annotations)":{"X(fluxcd.io/*)":"*?"}}}}}]}}`),
-			expectedResult: false,
-		},
-	}
-
-	for _, test := range testCases {
-		var policy kyverno.ClusterPolicy
-		err := json.Unmarshal(test.policy, &policy)
-		assert.NilError(t, err)
-
-		res := missingAutoGenRules(&policy, logging.GlobalLogger())
-		assert.Equal(t, test.expectedResult, res, fmt.Sprintf("test %s failed", test.name))
-	}
-}
-
 func Test_Validate_ApiCall(t *testing.T) {
 	testCases := []struct {
 		resource       kyverno.ContextEntry