From 2b824be667bc6c2ed3806e005efe60644bc6d85f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Charles-Edouard=20Br=C3=A9t=C3=A9ch=C3=A9?= Date: Wed, 31 Jan 2024 00:41:13 +0100 Subject: [PATCH] fix: omit events flag (#9572) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Charles-Edouard Brétéché --- charts/kyverno/templates/_helpers.tpl | 2 +- cmd/background-controller/main.go | 8 ++------ cmd/kyverno/main.go | 8 ++------ cmd/reports-controller/main.go | 8 ++------ config/install-latest-testing.yaml | 6 +++--- .../chainsaw/flags/standard/emit-events/README.md | 4 ++-- .../flags/standard/emit-events/admission-controller.yaml | 2 +- 7 files changed, 13 insertions(+), 25 deletions(-) diff --git a/charts/kyverno/templates/_helpers.tpl b/charts/kyverno/templates/_helpers.tpl index 7eb2456ab9..6ca1fae60f 100644 --- a/charts/kyverno/templates/_helpers.tpl +++ b/charts/kyverno/templates/_helpers.tpl @@ -52,7 +52,7 @@ {{- end -}} {{- with .omitEvents -}} {{- with .eventTypes -}} - {{- $flags = append $flags (print "--omit-events=" (join "," .)) -}} + {{- $flags = append $flags (print "--omitEvents=" (join "," .)) -}} {{- end -}} {{- end -}} {{- with .policyExceptions -}} diff --git a/cmd/background-controller/main.go b/cmd/background-controller/main.go index b92292b83c..2bc04aed32 100644 --- a/cmd/background-controller/main.go +++ b/cmd/background-controller/main.go @@ -91,7 +91,7 @@ func main() { flagset := flag.NewFlagSet("updaterequest-controller", flag.ExitOnError) flagset.IntVar(&genWorkers, "genWorkers", 10, "Workers for the background controller.") flagset.IntVar(&maxQueuedEvents, "maxQueuedEvents", 1000, "Maximum events to be queued.") - flagset.StringVar(&omitEvents, "omit-events", "", "Set this flag to a comma sperated list of PolicyViolation, PolicyApplied, PolicyError, PolicySkipped to disable events, e.g. --omit-events=PolicyApplied,PolicyViolation") + flagset.StringVar(&omitEvents, "omitEvents", "", "Set this flag to a comma sperated list of PolicyViolation, PolicyApplied, PolicyError, PolicySkipped to disable events, e.g. --omitEvents=PolicyApplied,PolicyViolation") flagset.Int64Var(&maxAPICallResponseLength, "maxAPICallResponseLength", 2*1000*1000, "Maximum allowed response size from API Calls. A value of 0 bypasses checks (not recommended).") // config appConfig := internal.NewConfiguration( @@ -130,15 +130,11 @@ func main() { kyamlopenapi.Schema() // informer factories kyvernoInformer := kyvernoinformer.NewSharedInformerFactory(setup.KyvernoClient, resyncPeriod) - omitEventsValues := strings.Split(omitEvents, ",") - if omitEvents == "" { - omitEventsValues = []string{} - } var wg sync.WaitGroup eventGenerator := event.NewEventGenerator( setup.EventsClient, logging.WithName("EventGenerator"), - omitEventsValues..., + strings.Split(omitEvents, ",")..., ) eventController := internal.NewController( event.ControllerName, diff --git a/cmd/kyverno/main.go b/cmd/kyverno/main.go index 979bdf6a31..d1d64f7562 100644 --- a/cmd/kyverno/main.go +++ b/cmd/kyverno/main.go @@ -225,7 +225,7 @@ func main() { flagset.BoolVar(&dumpPayload, "dumpPayload", false, "Set this flag to activate/deactivate debug mode.") flagset.IntVar(&webhookTimeout, "webhookTimeout", webhookcontroller.DefaultWebhookTimeout, "Timeout for webhook configurations (number of seconds, integer).") flagset.IntVar(&maxQueuedEvents, "maxQueuedEvents", 1000, "Maximum events to be queued.") - flagset.StringVar(&omitEvents, "omit-events", "", "Set this flag to a comma sperated list of PolicyViolation, PolicyApplied, PolicyError, PolicySkipped to disable events, e.g. --omit-events=PolicyApplied,PolicyViolation") + flagset.StringVar(&omitEvents, "omitEvents", "", "Set this flag to a comma sperated list of PolicyViolation, PolicyApplied, PolicyError, PolicySkipped to disable events, e.g. --omitEvents=PolicyApplied,PolicyViolation") flagset.StringVar(&serverIP, "serverIP", "", "IP address where Kyverno controller runs. Only required if out-of-cluster.") flagset.BoolVar(&autoUpdateWebhooks, "autoUpdateWebhooks", true, "Set this flag to 'false' to disable auto-configuration of the webhook.") flagset.DurationVar(&webhookRegistrationTimeout, "webhookRegistrationTimeout", 120*time.Second, "Timeout for webhook registration, e.g., 30s, 1m, 5m.") @@ -317,14 +317,10 @@ func main() { tlsSecretName, ) policyCache := policycache.NewCache() - omitEventsValues := strings.Split(omitEvents, ",") - if omitEvents == "" { - omitEventsValues = []string{} - } eventGenerator := event.NewEventGenerator( setup.EventsClient, logging.WithName("EventGenerator"), - omitEventsValues..., + strings.Split(omitEvents, ",")..., ) eventController := internal.NewController( event.ControllerName, diff --git a/cmd/reports-controller/main.go b/cmd/reports-controller/main.go index bf53741a4d..18d4b658e6 100644 --- a/cmd/reports-controller/main.go +++ b/cmd/reports-controller/main.go @@ -209,7 +209,7 @@ func main() { flagset.IntVar(&backgroundScanWorkers, "backgroundScanWorkers", backgroundscancontroller.Workers, "Configure the number of background scan workers.") flagset.DurationVar(&backgroundScanInterval, "backgroundScanInterval", time.Hour, "Configure background scan interval.") flagset.IntVar(&maxQueuedEvents, "maxQueuedEvents", 1000, "Maximum events to be queued.") - flagset.StringVar(&omitEvents, "omit-events", "", "Set this flag to a comma separated list of PolicyViolation, PolicyApplied, PolicyError, PolicySkipped to disable events, e.g. --omit-events=PolicyApplied,PolicyViolation") + flagset.StringVar(&omitEvents, "omitEvents", "", "Set this flag to a comma separated list of PolicyViolation, PolicyApplied, PolicyError, PolicySkipped to disable events, e.g. --omitEvents=PolicyApplied,PolicyViolation") flagset.BoolVar(&skipResourceFilters, "skipResourceFilters", true, "If true, resource filters wont be considered.") flagset.Int64Var(&maxAPICallResponseLength, "maxAPICallResponseLength", 2*1000*1000, "Maximum allowed response size from API Calls. A value of 0 bypasses checks (not recommended).") // config @@ -255,15 +255,11 @@ func main() { } // informer factories kyvernoInformer := kyvernoinformer.NewSharedInformerFactory(setup.KyvernoClient, resyncPeriod) - omitEventsValues := strings.Split(omitEvents, ",") - if omitEvents == "" { - omitEventsValues = []string{} - } var wg sync.WaitGroup eventGenerator := event.NewEventGenerator( setup.EventsClient, logging.WithName("EventGenerator"), - omitEventsValues..., + strings.Split(omitEvents, ",")..., ) eventController := internal.NewController( event.ControllerName, diff --git a/config/install-latest-testing.yaml b/config/install-latest-testing.yaml index c6a7be9657..c7af852d77 100644 --- a/config/install-latest-testing.yaml +++ b/config/install-latest-testing.yaml @@ -51521,7 +51521,7 @@ spec: - --generateValidatingAdmissionPolicy=false - --loggingFormat=text - --v=2 - - --omit-events=PolicyApplied,PolicySkipped + - --omitEvents=PolicyApplied,PolicySkipped - --enablePolicyException=true - --protectManagedResources=false - --allowInsecureRegistry=false @@ -51672,7 +51672,7 @@ spec: - --enableDeferredLoading=true - --loggingFormat=text - --v=2 - - --omit-events=PolicyApplied,PolicySkipped + - --omitEvents=PolicyApplied,PolicySkipped - --enablePolicyException=true env: @@ -51919,7 +51919,7 @@ spec: - --enableDeferredLoading=true - --loggingFormat=text - --v=2 - - --omit-events=PolicyApplied,PolicySkipped + - --omitEvents=PolicyApplied,PolicySkipped - --enablePolicyException=true - --reportsChunkSize=1000 - --allowInsecureRegistry=false diff --git a/test/conformance/chainsaw/flags/standard/emit-events/README.md b/test/conformance/chainsaw/flags/standard/emit-events/README.md index c1ea1245a4..ef9bf6e934 100644 --- a/test/conformance/chainsaw/flags/standard/emit-events/README.md +++ b/test/conformance/chainsaw/flags/standard/emit-events/README.md @@ -1,6 +1,6 @@ ## Description -This test updates the deployment with flag `--omit-events=PolicyApplied` set +This test updates the deployment with flag `--omitEvents=PolicyApplied` set Then it creates a policy, and a resource. The resource is expected to be accepted. A `PolicyApplied` event should be created. @@ -9,7 +9,7 @@ A `PolicyViolation` event should not be emitted as the flag does not include tha ## Steps -1. Update the deployment of admission controller to add this ar`--omit-events=PolicyApplied`. +1. Update the deployment of admission controller to add this ar`--omitEvents=PolicyApplied`. 2. - Create a policy - Assert the policy becomes ready 3. - Create a resource, diff --git a/test/conformance/chainsaw/flags/standard/emit-events/admission-controller.yaml b/test/conformance/chainsaw/flags/standard/emit-events/admission-controller.yaml index b935ed648e..ed80f45cd5 100644 --- a/test/conformance/chainsaw/flags/standard/emit-events/admission-controller.yaml +++ b/test/conformance/chainsaw/flags/standard/emit-events/admission-controller.yaml @@ -72,7 +72,7 @@ spec: image: "ghcr.io/kyverno/kyverno:latest" imagePullPolicy: IfNotPresent args: - - --omit-events=PolicyViolation + - --omitEvents=PolicyViolation - --backgroundServiceAccountName=system:serviceaccount:kyverno:kyverno-background-controller - --servicePort=443 - --loggingFormat=text