Merge pull request #788 from shravanshetty1/787_cli_panic

#787 - CLI panics for policies with variables

pkg/kyverno/apply/command.go

@@ -6,6 +6,7 @@ import (
 	"io/ioutil"
 	"os"
 	"path/filepath"
+	"regexp"
 
 	"github.com/nirmata/kyverno/pkg/utils"
 
@@ -81,6 +82,9 @@ func Command() *cobra.Command {
 				if err != nil {
 					return sanitizedError.New(fmt.Sprintf("Policy %v is not valid", policy.Name))
 				}
+				if policyHasVariables(*policy) {
+					return sanitizedError.New(fmt.Sprintf("Policy %v is not valid - 'apply' does not support policies with variables", policy.Name))
+				}
 			}
 
 			var dClient discovery.CachedDiscoveryInterface
@@ -387,3 +391,9 @@ func applyPolicyOnResource(policy *v1.ClusterPolicy, resource *unstructured.Unst
 
 	return nil
 }
+
+func policyHasVariables(policy v1.ClusterPolicy) bool {
+	policyRaw, _ := json.Marshal(policy)
+	regex := regexp.MustCompile(`\{\{([^{}]*)\}\}`)
+	return len(regex.FindAllStringSubmatch(string(policyRaw), -1)) > 0
+}

pkg/policy/generate/fake.go

@@ -3,6 +3,7 @@ package generate
 import (
 	kyverno "github.com/nirmata/kyverno/pkg/api/kyverno/v1"
 	"github.com/nirmata/kyverno/pkg/policy/generate/fake"
+	"sigs.k8s.io/controller-runtime/pkg/log"
 )
 
 //FakeGenerate provides implementation for generate rule processing
@@ -17,5 +18,6 @@ func NewFakeGenerate(rule kyverno.Generation) *FakeGenerate {
 	g := FakeGenerate{}
 	g.rule = rule
 	g.authCheck = fake.NewFakeAuth()
+	g.log = log.Log
 	return &g
 }