mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-30 03:15:05 +00:00
Merge pull request #761 from evalsocket/feature/golangci-lint
golangci-lint changes
This commit is contained in:
shuting
GitHub
commit
26a8ec269c
14 changed files with 216 additions and 88 deletions
18
.codeclimate.yml
Normal file
18
.codeclimate.yml
Normal file
|
|
@ -0,0 +1,18 @@
|
|||
engines:
|
||||
govet:
|
||||
enabled: true
|
||||
golint:
|
||||
enabled: false
|
||||
gofmt:
|
||||
enabled: true
|
||||
|
||||
ratings:
|
||||
paths:
|
||||
- "**.go"
|
||||
|
||||
exclude_paths:
|
||||
- documentation/
|
||||
- definitions
|
||||
- gh-pages
|
||||
- samples
|
||||
- scripts
|
||||
17
.golangci.yml
Normal file
17
.golangci.yml
Normal file
|
|
@ -0,0 +1,17 @@
|
|||
linters:
|
||||
enable:
|
||||
- gosec
|
||||
- errcheck
|
||||
- gosimple
|
||||
- bodyclose
|
||||
- staticcheck
|
||||
disable:
|
||||
- ineffassign
|
||||
- deadcode
|
||||
- unused
|
||||
- structcheck
|
||||
|
||||
run:
|
||||
skip-files:
|
||||
- ".+_test.go"
|
||||
- ".+_test_.+.go"
|
||||
|
|
@ -29,7 +29,8 @@ import (
|
|||
|
||||
var scheme = runtime.NewScheme()
|
||||
var codecs = serializer.NewCodecFactory(scheme)
|
||||
var parameterCodec = runtime.NewParameterCodec(scheme)
|
||||
|
||||
// var parameterCodec = runtime.NewParameterCodec(scheme)
|
||||
var localSchemeBuilder = runtime.SchemeBuilder{
|
||||
kyvernov1.AddToScheme,
|
||||
}
|
||||
|
|
|
|||
|
|
@ -411,7 +411,7 @@ func removeAnchorFromSubTree(overlay interface{}) interface{} {
|
|||
}
|
||||
|
||||
func removeAnchroFromMap(overlay map[string]interface{}) map[string]interface{} {
|
||||
result := make(map[string]interface{}, 0)
|
||||
result := make(map[string]interface{})
|
||||
for k, v := range overlay {
|
||||
result[getRawKeyIfWrappedWithAttributes(k)] = removeAnchorFromSubTree(v)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -27,9 +27,11 @@ func TestMeetConditions_NoAnchor(t *testing.T) {
|
|||
}`)
|
||||
var overlay interface{}
|
||||
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(err, nil))
|
||||
|
||||
_, err = meetConditions(log.Log, nil, overlay)
|
||||
|
||||
_, err := meetConditions(log.Log, nil, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(err, overlayError{}))
|
||||
}
|
||||
|
||||
|
|
@ -79,10 +81,12 @@ func TestMeetConditions_conditionalAnchorOnMap(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRaw, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRaw, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
_, err := meetConditions(log.Log, resource, overlay)
|
||||
_, err = meetConditions(log.Log, resource, overlay)
|
||||
assert.Assert(t, !reflect.DeepEqual(err, overlayError{}))
|
||||
|
||||
overlayRaw = []byte(`
|
||||
|
|
@ -100,7 +104,8 @@ func TestMeetConditions_conditionalAnchorOnMap(t *testing.T) {
|
|||
]
|
||||
}`)
|
||||
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
_, overlayerr := meetConditions(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{}))
|
||||
|
|
@ -137,11 +142,14 @@ func TestMeetConditions_DifferentTypes(t *testing.T) {
|
|||
}`)
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRaw, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRaw, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
// anchor exist
|
||||
_, err := meetConditions(log.Log, resource, overlay)
|
||||
|
||||
_, err = meetConditions(log.Log, resource, overlay)
|
||||
assert.Assert(t, strings.Contains(err.Error(), "Found anchor on different types of element at path /subsets/"))
|
||||
}
|
||||
|
||||
|
|
@ -191,10 +199,12 @@ func TestMeetConditions_anchosInSameObject(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRaw, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRaw, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
_, err := meetConditions(log.Log, resource, overlay)
|
||||
_, err = meetConditions(log.Log, resource, overlay)
|
||||
assert.Error(t, err, "[overlayError:0] Failed validating value 443 with overlay 444")
|
||||
}
|
||||
|
||||
|
|
@ -249,10 +259,13 @@ func TestMeetConditions_anchorOnPeer(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRaw, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRaw, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
_, err = meetConditions(log.Log, resource, overlay)
|
||||
|
||||
_, err := meetConditions(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(err, overlayError{}))
|
||||
}
|
||||
|
||||
|
|
@ -326,10 +339,13 @@ func TestMeetConditions_anchorsOnMetaAndSpec(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRaw, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRaw, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
_, err = meetConditions(log.Log, resource, overlay)
|
||||
|
||||
_, err := meetConditions(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(err, overlayError{}))
|
||||
}
|
||||
|
||||
|
|
@ -407,10 +423,13 @@ func TestMeetConditions_anchorsOnPeer_single(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRawAnchorOnPeers, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRawAnchorOnPeers, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
_, err = meetConditions(log.Log, resource, overlay)
|
||||
|
||||
_, err := meetConditions(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(err, overlayError{}))
|
||||
}
|
||||
|
||||
|
|
@ -441,10 +460,13 @@ func TestMeetConditions_anchorsOnPeer_two(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRawAnchorOnPeers, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRawAnchorOnPeers, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
_, err = meetConditions(log.Log, resource, overlay)
|
||||
|
||||
_, err := meetConditions(log.Log, resource, overlay)
|
||||
assert.Error(t, err, "[overlayError:0] Failed validating value true with overlay false")
|
||||
|
||||
overlayRaw = []byte(`{
|
||||
|
|
@ -471,7 +493,8 @@ func TestMeetConditions_anchorsOnPeer_two(t *testing.T) {
|
|||
}
|
||||
}`)
|
||||
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
_, err = meetConditions(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(err, overlayError{}))
|
||||
|
|
@ -500,7 +523,8 @@ func TestMeetConditions_anchorsOnPeer_two(t *testing.T) {
|
|||
}
|
||||
}`)
|
||||
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
_, err = meetConditions(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(err, overlayError{}))
|
||||
|
|
@ -533,10 +557,13 @@ func TestMeetConditions_anchorsOnPeer_multiple(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRawAnchorOnPeers, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRawAnchorOnPeers, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
_, err = meetConditions(log.Log, resource, overlay)
|
||||
|
||||
_, err := meetConditions(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(err, overlayError{}))
|
||||
|
||||
overlayRaw = []byte(`{
|
||||
|
|
@ -563,7 +590,8 @@ func TestMeetConditions_anchorsOnPeer_multiple(t *testing.T) {
|
|||
}
|
||||
}`)
|
||||
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
_, err = meetConditions(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(err, overlayError{}))
|
||||
|
|
@ -592,7 +620,8 @@ func TestMeetConditions_anchorsOnPeer_multiple(t *testing.T) {
|
|||
}
|
||||
}`)
|
||||
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
_, err = meetConditions(log.Log, resource, overlay)
|
||||
assert.Error(t, err, "[overlayError:0] Failed validating value ENV_VALUE with overlay ENV_VALUE1")
|
||||
|
|
@ -650,10 +679,13 @@ func TestMeetConditions_AtleastOneExist(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRaw, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRaw, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
path, err := meetConditions(log.Log, resource, overlay)
|
||||
|
||||
assert.Assert(t, reflect.DeepEqual(err, overlayError{}))
|
||||
assert.Assert(t, len(path) == 0)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -64,8 +64,10 @@ func TestProcessOverlayPatches_NestedListWithAnchor(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRaw, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRaw, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
patches, overlayerr := processOverlayPatches(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{}))
|
||||
|
|
@ -164,8 +166,10 @@ func TestProcessOverlayPatches_InsertIntoArray(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRaw, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRaw, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
patches, overlayerr := processOverlayPatches(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{}))
|
||||
|
|
@ -285,8 +289,10 @@ func TestProcessOverlayPatches_TestInsertToArray(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRaw, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRaw, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
patches, overlayerr := processOverlayPatches(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{}))
|
||||
|
|
@ -368,8 +374,10 @@ func TestProcessOverlayPatches_ImagePullPolicy(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRaw, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRaw, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
patches, overlayerr := processOverlayPatches(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{}))
|
||||
|
|
@ -457,7 +465,8 @@ func TestProcessOverlayPatches_ImagePullPolicy(t *testing.T) {
|
|||
}
|
||||
}`)
|
||||
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
patches, err = processOverlayPatches(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(err, overlayError{}))
|
||||
|
|
@ -493,7 +502,8 @@ func TestProcessOverlayPatches_ImagePullPolicy(t *testing.T) {
|
|||
}
|
||||
}`)
|
||||
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
patches, err = processOverlayPatches(log.Log, resource, overlay)
|
||||
assert.Error(t, err, "[overlayError:0] Policy not applied, conditions are not met at /spec/template/metadata/labels/app/, [overlayError:0] Failed validating value nginx with overlay nginx1")
|
||||
|
|
@ -521,8 +531,10 @@ func TestProcessOverlayPatches_AddingAnchor(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRaw, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRaw, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
patches, overlayerr := processOverlayPatches(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{}))
|
||||
|
|
@ -606,8 +618,10 @@ func TestProcessOverlayPatches_AddingAnchorInsideListElement(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRaw, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRaw, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
patches, overlayerr := processOverlayPatches(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{}))
|
||||
|
|
@ -685,7 +699,8 @@ func TestProcessOverlayPatches_AddingAnchorInsideListElement(t *testing.T) {
|
|||
}
|
||||
}`)
|
||||
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
patches, err = processOverlayPatches(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(err, overlayError{}))
|
||||
|
|
@ -748,8 +763,10 @@ func TestProcessOverlayPatches_anchorOnPeer(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRaw, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRaw, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
patches, overlayerr := processOverlayPatches(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{}))
|
||||
|
|
@ -806,7 +823,8 @@ func TestProcessOverlayPatches_anchorOnPeer(t *testing.T) {
|
|||
]
|
||||
}`)
|
||||
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
patches, err = processOverlayPatches(log.Log, resource, overlay)
|
||||
assert.Error(t, err, "[overlayError:0] Policy not applied, conditions are not met at /subsets/0/ports/0/port/, [overlayError:0] Failed validating value 443 with overlay 444")
|
||||
|
|
@ -887,8 +905,10 @@ func TestProcessOverlayPatches_insertWithCondition(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRaw, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRaw, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
patches, overlayerr := processOverlayPatches(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{}))
|
||||
|
|
@ -998,8 +1018,10 @@ func TestProcessOverlayPatches_InsertIfNotPresentWithConditions(t *testing.T) {
|
|||
|
||||
var resource, overlay interface{}
|
||||
|
||||
json.Unmarshal(resourceRaw, &resource)
|
||||
json.Unmarshal(overlayRaw, &overlay)
|
||||
err := json.Unmarshal(resourceRaw, &resource)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(overlayRaw, &overlay)
|
||||
assert.NilError(t, err)
|
||||
|
||||
patches, overlayerr := processOverlayPatches(log.Log, resource, overlay)
|
||||
assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{}))
|
||||
|
|
|
|||
|
|
@ -67,11 +67,17 @@ func Test_VariableSubstitutionOverlay(t *testing.T) {
|
|||
expectedPatch := []byte(`{ "op": "add", "path": "/metadata/labels", "value":{"appname":"check-root-user"} }`)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(rawPolicy, &policy)
|
||||
err := json.Unmarshal(rawPolicy, &policy)
|
||||
if err != nil {
|
||||
t.Error(err)
|
||||
}
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(rawResource)
|
||||
assert.NilError(t, err)
|
||||
ctx := context.NewContext()
|
||||
ctx.AddResource(rawResource)
|
||||
err = ctx.AddResource(rawResource)
|
||||
if err != nil {
|
||||
t.Error(err)
|
||||
}
|
||||
value, err := ctx.Query("request.object.metadata.name")
|
||||
t.Log(value)
|
||||
if err != nil {
|
||||
|
|
@ -139,12 +145,14 @@ func Test_variableSubstitutionPathNotExist(t *testing.T) {
|
|||
}`)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(policyraw, &policy)
|
||||
err := json.Unmarshal(policyraw, &policy)
|
||||
assert.NilError(t, err)
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(resourceRaw)
|
||||
assert.NilError(t, err)
|
||||
|
||||
ctx := context.NewContext()
|
||||
ctx.AddResource(resourceRaw)
|
||||
err = ctx.AddResource(resourceRaw)
|
||||
assert.NilError(t, err)
|
||||
|
||||
policyContext := PolicyContext{
|
||||
Policy: policy,
|
||||
|
|
|
|||
|
|
@ -227,8 +227,10 @@ func getValueFromPattern(log logr.Logger, patternMap map[string]interface{}, key
|
|||
if keys[currentKeyIndex+1] == strconv.Itoa(i) {
|
||||
return getValueFromPattern(log, resourceMap, keys, currentKeyIndex+2)
|
||||
}
|
||||
// TODO : SA4004: the surrounding loop is unconditionally terminated (staticcheck)
|
||||
return nil, errors.New("Reference to non-existent place in the document")
|
||||
}
|
||||
return nil, nil // Just a hack to fix the lint
|
||||
}
|
||||
return nil, errors.New("Reference to non-existent place in the document")
|
||||
case map[string]interface{}:
|
||||
|
|
|
|||
|
|
@ -558,7 +558,8 @@ func TestValidateMap_livenessProbeIsNull(t *testing.T) {
|
|||
|
||||
var pattern, resource map[string]interface{}
|
||||
assert.Assert(t, json.Unmarshal(rawPattern, &pattern))
|
||||
json.Unmarshal(rawMap, &resource)
|
||||
err := json.Unmarshal(rawMap, &resource)
|
||||
assert.NilError(t, err)
|
||||
|
||||
path, err := validateMap(log.Log, resource, pattern, pattern, "/")
|
||||
assert.Equal(t, path, "")
|
||||
|
|
@ -1345,8 +1346,10 @@ func TestValidateMapElement_OneElementInArrayNotPass(t *testing.T) {
|
|||
]`)
|
||||
|
||||
var pattern, resource interface{}
|
||||
json.Unmarshal(rawPattern, &pattern)
|
||||
json.Unmarshal(rawMap, &resource)
|
||||
err := json.Unmarshal(rawPattern, &pattern)
|
||||
assert.NilError(t, err)
|
||||
err = json.Unmarshal(rawMap, &resource)
|
||||
assert.NilError(t, err)
|
||||
|
||||
path, err := validateResourceElement(log.Log, resource, pattern, pattern, "/")
|
||||
assert.Equal(t, path, "/0/object/0/key2/")
|
||||
|
|
|
|||
|
|
@ -23,7 +23,8 @@ func TestGetAnchorsFromMap_ThereAreAnchors(t *testing.T) {
|
|||
}`)
|
||||
|
||||
var unmarshalled map[string]interface{}
|
||||
json.Unmarshal(rawMap, &unmarshalled)
|
||||
err := json.Unmarshal(rawMap, &unmarshalled)
|
||||
assert.NilError(t, err)
|
||||
|
||||
actualMap := utils.GetAnchorsFromMap(unmarshalled)
|
||||
assert.Equal(t, len(actualMap), 2)
|
||||
|
|
@ -114,7 +115,8 @@ func TestValidate_image_tag_fail(t *testing.T) {
|
|||
`)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(rawPolicy, &policy)
|
||||
err := json.Unmarshal(rawPolicy, &policy)
|
||||
assert.NilError(t, err)
|
||||
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(rawResource)
|
||||
assert.NilError(t, err)
|
||||
|
|
@ -212,7 +214,8 @@ func TestValidate_image_tag_pass(t *testing.T) {
|
|||
`)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(rawPolicy, &policy)
|
||||
err := json.Unmarshal(rawPolicy, &policy)
|
||||
assert.NilError(t, err)
|
||||
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(rawResource)
|
||||
assert.NilError(t, err)
|
||||
|
|
@ -289,7 +292,8 @@ func TestValidate_Fail_anyPattern(t *testing.T) {
|
|||
`)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(rawPolicy, &policy)
|
||||
err := json.Unmarshal(rawPolicy, &policy)
|
||||
assert.NilError(t, err)
|
||||
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(rawResource)
|
||||
assert.NilError(t, err)
|
||||
|
|
@ -370,7 +374,8 @@ func TestValidate_host_network_port(t *testing.T) {
|
|||
`)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(rawPolicy, &policy)
|
||||
err := json.Unmarshal(rawPolicy, &policy)
|
||||
assert.NilError(t, err)
|
||||
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(rawResource)
|
||||
assert.NilError(t, err)
|
||||
|
|
@ -459,7 +464,8 @@ func TestValidate_anchor_arraymap_pass(t *testing.T) {
|
|||
} `)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(rawPolicy, &policy)
|
||||
err := json.Unmarshal(rawPolicy, &policy)
|
||||
assert.NilError(t, err)
|
||||
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(rawResource)
|
||||
assert.NilError(t, err)
|
||||
|
|
@ -547,8 +553,8 @@ func TestValidate_anchor_arraymap_fail(t *testing.T) {
|
|||
} `)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(rawPolicy, &policy)
|
||||
|
||||
err := json.Unmarshal(rawPolicy, &policy)
|
||||
assert.NilError(t, err)
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(rawResource)
|
||||
assert.NilError(t, err)
|
||||
er := Validate(PolicyContext{Policy: policy, NewResource: *resourceUnstructured})
|
||||
|
|
@ -616,7 +622,8 @@ func TestValidate_anchor_map_notfound(t *testing.T) {
|
|||
`)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(rawPolicy, &policy)
|
||||
err := json.Unmarshal(rawPolicy, &policy)
|
||||
assert.NilError(t, err)
|
||||
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(rawResource)
|
||||
assert.NilError(t, err)
|
||||
|
|
@ -688,7 +695,8 @@ func TestValidate_anchor_map_found_valid(t *testing.T) {
|
|||
`)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(rawPolicy, &policy)
|
||||
err := json.Unmarshal(rawPolicy, &policy)
|
||||
assert.NilError(t, err)
|
||||
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(rawResource)
|
||||
assert.NilError(t, err)
|
||||
|
|
@ -760,7 +768,8 @@ func TestValidate_anchor_map_found_invalid(t *testing.T) {
|
|||
`)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(rawPolicy, &policy)
|
||||
err := json.Unmarshal(rawPolicy, &policy)
|
||||
assert.NilError(t, err)
|
||||
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(rawResource)
|
||||
assert.NilError(t, err)
|
||||
|
|
@ -834,7 +843,8 @@ func TestValidate_AnchorList_pass(t *testing.T) {
|
|||
`)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(rawPolicy, &policy)
|
||||
err := json.Unmarshal(rawPolicy, &policy)
|
||||
assert.NilError(t, err)
|
||||
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(rawResource)
|
||||
assert.NilError(t, err)
|
||||
|
|
@ -908,7 +918,8 @@ func TestValidate_AnchorList_fail(t *testing.T) {
|
|||
`)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(rawPolicy, &policy)
|
||||
err := json.Unmarshal(rawPolicy, &policy)
|
||||
assert.NilError(t, err)
|
||||
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(rawResource)
|
||||
assert.NilError(t, err)
|
||||
|
|
@ -982,7 +993,8 @@ func TestValidate_existenceAnchor_fail(t *testing.T) {
|
|||
`)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(rawPolicy, &policy)
|
||||
err := json.Unmarshal(rawPolicy, &policy)
|
||||
assert.NilError(t, err)
|
||||
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(rawResource)
|
||||
assert.NilError(t, err)
|
||||
|
|
@ -1057,7 +1069,8 @@ func TestValidate_existenceAnchor_pass(t *testing.T) {
|
|||
`)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(rawPolicy, &policy)
|
||||
err := json.Unmarshal(rawPolicy, &policy)
|
||||
assert.NilError(t, err)
|
||||
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(rawResource)
|
||||
assert.NilError(t, err)
|
||||
|
|
@ -1144,7 +1157,8 @@ func TestValidate_negationAnchor_deny(t *testing.T) {
|
|||
} `)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(rawPolicy, &policy)
|
||||
err := json.Unmarshal(rawPolicy, &policy)
|
||||
assert.NilError(t, err)
|
||||
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(rawResource)
|
||||
assert.NilError(t, err)
|
||||
|
|
@ -1230,7 +1244,8 @@ func TestValidate_negationAnchor_pass(t *testing.T) {
|
|||
`)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(rawPolicy, &policy)
|
||||
err := json.Unmarshal(rawPolicy, &policy)
|
||||
assert.NilError(t, err)
|
||||
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(rawResource)
|
||||
assert.NilError(t, err)
|
||||
|
|
@ -1297,12 +1312,14 @@ func Test_VariableSubstitutionPathNotExistInPattern(t *testing.T) {
|
|||
}`)
|
||||
|
||||
var policy kyverno.ClusterPolicy
|
||||
json.Unmarshal(policyraw, &policy)
|
||||
err := json.Unmarshal(policyraw, &policy)
|
||||
assert.NilError(t, err)
|
||||
resourceUnstructured, err := utils.ConvertToUnstructured(resourceRaw)
|
||||
assert.NilError(t, err)
|
||||
|
||||
ctx := context.NewContext()
|
||||
ctx.AddResource(resourceRaw)
|
||||
err = ctx.AddResource(resourceRaw)
|
||||
assert.NilError(t, err)
|
||||
|
||||
policyContext := PolicyContext{
|
||||
Policy: policy,
|
||||
|
|
@ -1392,7 +1409,8 @@ func Test_VariableSubstitutionPathNotExistInAnyPattern_OnePatternStatisfies(t *t
|
|||
assert.NilError(t, err)
|
||||
|
||||
ctx := context.NewContext()
|
||||
ctx.AddResource(resourceRaw)
|
||||
err = ctx.AddResource(resourceRaw)
|
||||
assert.NilError(t, err)
|
||||
|
||||
policyContext := PolicyContext{
|
||||
Policy: policy,
|
||||
|
|
@ -1482,7 +1500,8 @@ func Test_VariableSubstitutionPathNotExistInAnyPattern_AllPathNotPresent(t *test
|
|||
assert.NilError(t, err)
|
||||
|
||||
ctx := context.NewContext()
|
||||
ctx.AddResource(resourceRaw)
|
||||
err = ctx.AddResource(resourceRaw)
|
||||
assert.NilError(t, err)
|
||||
|
||||
policyContext := PolicyContext{
|
||||
Policy: policy,
|
||||
|
|
@ -1572,7 +1591,8 @@ func Test_VariableSubstitutionPathNotExistInAnyPattern_AllPathPresent_NonePatter
|
|||
assert.NilError(t, err)
|
||||
|
||||
ctx := context.NewContext()
|
||||
ctx.AddResource(resourceRaw)
|
||||
err = ctx.AddResource(resourceRaw)
|
||||
assert.NilError(t, err)
|
||||
|
||||
policyContext := PolicyContext{
|
||||
Policy: policy,
|
||||
|
|
|
|||
|
|
@ -32,8 +32,10 @@ func applyPolicy(policy kyverno.ClusterPolicy, resource unstructured.Unstructure
|
|||
var err error
|
||||
// build context
|
||||
ctx := context.NewContext()
|
||||
ctx.AddResource(transformResource(resource))
|
||||
|
||||
err = ctx.AddResource(transformResource(resource))
|
||||
if err != nil {
|
||||
logger.Error(err, "enable to add transform resource to ctx")
|
||||
}
|
||||
//MUTATION
|
||||
engineResponse, err = mutation(policy, resource, ctx, logger)
|
||||
engineResponses = append(engineResponses, engineResponse)
|
||||
|
|
|
|||
|
|
@ -425,6 +425,7 @@ func loadPolicy(t *testing.T, path string) *kyverno.ClusterPolicy {
|
|||
}
|
||||
|
||||
func testScenario(t *testing.T, path string) {
|
||||
|
||||
// flag.Set("logtostderr", "true")
|
||||
// flag.Set("v", "8")
|
||||
|
||||
|
|
|
|||
|
|
@ -142,5 +142,6 @@ func IsTLSPairShouldBeUpdated(tlsPair *TlsPemPair) bool {
|
|||
return true
|
||||
}
|
||||
|
||||
// TODO : should use time.Until instead of t.Sub(time.Now()) (gosimple)
|
||||
return expirationDate.Sub(time.Now()) < timeReserveBeforeCertificateExpiration
|
||||
}
|
||||
|
|
|
|||
|
|
@ -152,6 +152,7 @@ func newRoleBinding(name, ns string, subjects []rbacv1.Subject, roles rbacv1.Rol
|
|||
}
|
||||
|
||||
func Test_getRoleRefByRoleBindings(t *testing.T) {
|
||||
|
||||
// flag.Parse()
|
||||
// flag.Set("logtostderr", "true")
|
||||
// flag.Set("v", "3")
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue