rebase master

2025-03-31 03:45:17 +00:00 · 2019-05-31 18:31:21 -07:00 · 2019-05-31 18:31:21 -07:00 · 2ecc1d21f7
commit 2ecc1d21f7
parent 183b17828e cc30f15f5c
10 changed files with 46 additions and 38 deletions
--- a/cmd/kyverno/kyverno.go
+++ b/cmd/kyverno/kyverno.go
@ -1,12 +1,20 @@
 package main

 import (
+	goflag "flag"
 	"fmt"
 	"os"

+	"github.com/nirmata/kyverno/pkg/config"
 	kyverno "github.com/nirmata/kyverno/pkg/kyverno"
+	flag "github.com/spf13/pflag"
 )

+func init() {
+	flag.CommandLine.AddGoFlagSet(goflag.CommandLine)
+	config.LogDefaultFlags()
+	flag.Parse()
+}
 func main() {
 	cmd := kyverno.NewDefaultKyvernoCommand()

--- a/init.go
+++ b/init.go
@ -1,8 +1,7 @@
 package main

 import (
-	"log"
-
+	"github.com/golang/glog"
 	client "github.com/nirmata/kyverno/pkg/dclient"
 	tls "github.com/nirmata/kyverno/pkg/tls"
 	"github.com/nirmata/kyverno/pkg/version"
@ -12,17 +11,17 @@ import (

 func printVersionInfo() {
 	v := version.GetVersion()
-	log.Printf("Kyverno version: %s\n", v.BuildVersion)
-	log.Printf("Kyverno BuildHash: %s\n", v.BuildHash)
-	log.Printf("Kyverno BuildTime: %s\n", v.BuildTime)
+	glog.Infof("Kyverno version: %s\n", v.BuildVersion)
+	glog.Infof("Kyverno BuildHash: %s\n", v.BuildHash)
+	glog.Infof("Kyverno BuildTime: %s\n", v.BuildTime)
 }

 func createClientConfig(kubeconfig string) (*rest.Config, error) {
 	if kubeconfig == "" {
-		log.Printf("Using in-cluster configuration")
+		glog.Info("Using in-cluster configuration")
 		return rest.InClusterConfig()
 	}
-	log.Printf("Using configuration from '%s'", kubeconfig)
+	glog.Infof("Using configuration from '%s'", kubeconfig)
 	return clientcmd.BuildConfigFromFlags("", kubeconfig)
 }

@ -36,14 +35,14 @@ func initTlsPemPair(configuration *rest.Config, client *client.Client) (*tls.Tls
 	}
 	tlsPair := client.ReadTlsPair(certProps)
 	if tls.IsTlsPairShouldBeUpdated(tlsPair) {
-		log.Printf("Generating new key/certificate pair for TLS")
+		glog.Info("Generating new key/certificate pair for TLS")
 		tlsPair, err = client.GenerateTlsPemPair(certProps)
 		if err != nil {
 			return nil, err
 		}
 		err = client.WriteTlsPair(certProps, tlsPair)
 		if err != nil {
-			log.Printf("Unable to save TLS pair to the cluster: %v", err)
+			glog.Errorf("Unable to save TLS pair to the cluster: %v", err)
 		}
 	}
 	return tlsPair, nil
--- a/pkg/engine/engine.go
+++ b/pkg/engine/engine.go
@ -7,7 +7,7 @@ import (
 )

 // As the logic to process the policies in stateless, we do not need to define struct and implement behaviors for it
-// Instead we expose them as standalone functions passing the logger and the required atrributes
+// Instead we expose them as standalone functions passing the required atrributes
 // The each function returns the changes that need to be applied on the resource
 // the caller is responsible to apply the changes to the resource

--- a/pkg/engine/generation.go
+++ b/pkg/engine/generation.go
@ -44,8 +44,8 @@ func applyRuleGenerator(client *client.Client, rawResource []byte, generator *ku
 	namespace := ParseNameFromObject(rawResource)
 	err = client.GenerateResource(*generator, namespace)
 	if err != nil {
-		return fmt.Errorf("Unable to apply generator for %s  %s: %v", generator.Kind, namespace, err)
+		return fmt.Errorf("Unable to apply generator for %s '%s/%s' : %v", generator.Kind, namespace, generator.Name, err)
 	}
-	glog.Infof("Successfully applied generator %s", generator.Kind)
+	glog.Infof("Successfully applied generator %s/%s", generator.Kind, generator.Name)
 	return nil
 }
--- a/pkg/engine/mutation.go
+++ b/pkg/engine/mutation.go
@ -1,8 +1,7 @@
 package engine

 import (
-	"log"
-
+	"github.com/golang/glog"
 	kubepolicy "github.com/nirmata/kyverno/pkg/apis/policy/v1alpha1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
@ -22,7 +21,7 @@ func Mutate(policy kubepolicy.Policy, rawResource []byte, gvk metav1.GroupVersio

 		ok := ResourceMeetsDescription(rawResource, rule.ResourceDescription, gvk)
 		if !ok {
-			log.Printf("Rule \"%s\" is not applicable to resource\n", rule.Name)
+			glog.Infof("Rule \"%s\" is not applicable to resource\n", rule.Name)
 			continue
 		}

@ -31,7 +30,7 @@ func Mutate(policy kubepolicy.Policy, rawResource []byte, gvk metav1.GroupVersio
 		if rule.Mutation.Overlay != nil {
 			overlayPatches, err := ProcessOverlay(policy, rawResource, gvk)
 			if err != nil {
-				log.Printf("Overlay application has failed for rule %s in policy %s, err: %v\n", rule.Name, policy.ObjectMeta.Name, err)
+				glog.Warningf("Overlay application has failed for rule %s in policy %s, err: %v\n", rule.Name, policy.ObjectMeta.Name, err)
 			} else {
 				policyPatches = append(policyPatches, overlayPatches...)
 			}
@ -42,7 +41,7 @@ func Mutate(policy kubepolicy.Policy, rawResource []byte, gvk metav1.GroupVersio
 		if rule.Mutation.Patches != nil {
 			processedPatches, patchedDocument, err = ProcessPatches(rule.Mutation.Patches, patchedDocument)
 			if err != nil {
-				log.Printf("Patches application has failed for rule %s in policy %s, err: %v\n", rule.Name, policy.ObjectMeta.Name, err)
+				glog.Warningf("Patches application has failed for rule %s in policy %s, err: %v\n", rule.Name, policy.ObjectMeta.Name, err)
 			} else {
 				policyPatches = append(policyPatches, processedPatches...)
 			}
--- a/pkg/engine/overlay.go
+++ b/pkg/engine/overlay.go
@ -3,11 +3,11 @@ package engine
 import (
 	"encoding/json"
 	"fmt"
-	"log"
 	"reflect"
 	"strconv"

 	jsonpatch "github.com/evanphx/json-patch"
+	"github.com/golang/glog"

 	kubepolicy "github.com/nirmata/kyverno/pkg/apis/policy/v1alpha1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@ -28,7 +28,7 @@ func ProcessOverlay(policy kubepolicy.Policy, rawResource []byte, gvk metav1.Gro

 		ok := ResourceMeetsDescription(rawResource, rule.ResourceDescription, gvk)
 		if !ok {
-			log.Printf("Rule \"%s\" is not applicable to resource\n", rule.Name)
+			glog.Infof("Rule \"%s\" is not applicable to resource\n", rule.Name)
 			continue
 		}

--- a/pkg/engine/patches.go
+++ b/pkg/engine/patches.go
@ -3,9 +3,9 @@ package engine
 import (
 	"encoding/json"
 	"errors"
-	"log"

 	jsonpatch "github.com/evanphx/json-patch"
+	"github.com/golang/glog"
 	kubepolicy "github.com/nirmata/kyverno/pkg/apis/policy/v1alpha1"
 )

@ -32,7 +32,7 @@ func ProcessPatches(patches []kubepolicy.Patch, resource []byte) ([]PatchBytes,
 			if patch.Operation == "remove" {
 				continue
 			}
-			log.Printf("Patch failed: patch number = %d, patch Operation = %s, err: %v", i, patch.Operation, err)
+			glog.Warningf("Patch failed: patch number = %d, patch Operation = %s, err: %v", i, patch.Operation, err)
 			continue
 		}

--- a/pkg/engine/pattern.go
+++ b/pkg/engine/pattern.go
@ -2,12 +2,13 @@ package engine

 import (
 	"fmt"
-	"log"
 	"math"
 	"regexp"
 	"strconv"
 	"strings"

+	"github.com/golang/glog"
+
 	"github.com/minio/minio/pkg/wildcard"
 )

@ -35,7 +36,7 @@ func ValidateValueWithPattern(value, pattern interface{}) bool {
 	case bool:
 		typedValue, ok := value.(bool)
 		if !ok {
-			log.Printf("Expected bool, found %T", value)
+			glog.Warningf("Expected bool, found %T", value)
 			return false
 		}
 		return typedPattern == typedValue
@ -50,10 +51,10 @@ func ValidateValueWithPattern(value, pattern interface{}) bool {
 	case nil:
 		return validateValueWithNilPattern(value)
 	case map[string]interface{}, []interface{}:
-		log.Println("Maps and arrays as patterns are not supported")
+		glog.Warning("Maps and arrays as patterns are not supported")
 		return false
 	default:
-		log.Printf("Unknown type as pattern: %T\n", pattern)
+		glog.Warningf("Unknown type as pattern: %T\n", pattern)
 		return false
 	}
 }
@ -70,10 +71,10 @@ func validateValueWithIntPattern(value interface{}, pattern int64) bool {
 			return int64(typedValue) == pattern
 		}

-		log.Printf("Expected int, found float: %f\n", typedValue)
+		glog.Warningf("Expected int, found float: %f\n", typedValue)
 		return false
 	default:
-		log.Printf("Expected int, found: %T\n", value)
+		glog.Warningf("Expected int, found: %T\n", value)
 		return false
 	}
 }
@ -86,12 +87,12 @@ func validateValueWithFloatPattern(value interface{}, pattern float64) bool {
 			return int(pattern) == value
 		}

-		log.Printf("Expected float, found int: %d\n", typedValue)
+		glog.Warningf("Expected float, found int: %d\n", typedValue)
 		return false
 	case float64:
 		return typedValue == pattern
 	default:
-		log.Printf("Expected float, found: %T\n", value)
+		glog.Warningf("Expected float, found: %T\n", value)
 		return false
 	}
 }
@ -111,10 +112,10 @@ func validateValueWithNilPattern(value interface{}) bool {
 	case nil:
 		return true
 	case map[string]interface{}, []interface{}:
-		log.Println("Maps and arrays could not be checked with nil pattern")
+		glog.Warningf("Maps and arrays could not be checked with nil pattern")
 		return false
 	default:
-		log.Printf("Unknown type as value when checking for nil pattern: %T\n", value)
+		glog.Warningf("Unknown type as value when checking for nil pattern: %T\n", value)
 		return false
 	}
 }
@ -147,7 +148,7 @@ func validateString(value interface{}, pattern string, operator Operator) bool {
 	if NotEqual == operator || Equal == operator {
 		strValue, ok := value.(string)
 		if !ok {
-			log.Printf("Expected string, found %T\n", value)
+			glog.Warningf("Expected string, found %T\n", value)
 			return false
 		}

@ -160,7 +161,7 @@ func validateString(value interface{}, pattern string, operator Operator) bool {
 		return wildcardResult
 	}

-	log.Println("Operators >, >=, <, <= are not applicable to strings")
+	glog.Warningf("Operators >, >=, <, <= are not applicable to strings")
 	return false
 }

@ -168,13 +169,13 @@ func validateNumberWithStr(value interface{}, patternNumber, patternStr string,
 	if "" != patternStr {
 		typedValue, ok := value.(string)
 		if !ok {
-			log.Printf("Number must have suffix: %s", patternStr)
+			glog.Warningf("Number must have suffix: %s", patternStr)
 			return false
 		}

 		valueNumber, valueStr := getNumberAndStringPartsFromPattern(typedValue)
 		if !wildcard.Match(patternStr, valueStr) {
-			log.Printf("Suffix %s has not passed wildcard check: %s", valueStr, patternStr)
+			glog.Warningf("Suffix %s has not passed wildcard check: %s", valueStr, patternStr)
 			return false
 		}

--- a/pkg/engine/validation.go
+++ b/pkg/engine/validation.go
@ -3,8 +3,8 @@ package engine
 import (
 	"encoding/json"
 	"fmt"
-	"log"

+	"github.com/golang/glog"
 	kubepolicy "github.com/nirmata/kyverno/pkg/apis/policy/v1alpha1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
@ -25,7 +25,7 @@ func Validate(policy kubepolicy.Policy, rawResource []byte, gvk metav1.GroupVers

 		ok := ResourceMeetsDescription(rawResource, rule.ResourceDescription, gvk)
 		if !ok {
-			log.Printf("Rule \"%s\" is not applicable to resource\n", rule.Name)
+			glog.Infof("Rule \"%s\" is not applicable to resource\n", rule.Name)
 			continue
 		}

--- a/pkg/kyverno/apply/apply.go
+++ b/pkg/kyverno/apply/apply.go
@ -10,6 +10,7 @@ import (
 	"path/filepath"
 	"strings"

+	"github.com/golang/glog"
 	kubepolicy "github.com/nirmata/kyverno/pkg/apis/policy/v1alpha1"
 	"github.com/nirmata/kyverno/pkg/engine"
 	"github.com/spf13/cobra"
@ -29,9 +30,9 @@ func NewCmdApply(in io.Reader, out, errout io.Writer) *cobra.Command {
 		Short:   "Apply policy on the resource(s)",
 		Example: applyExample,
 		Run: func(cmd *cobra.Command, args []string) {
+			defer glog.Flush()
 			var output string
 			policy, resources := complete(args)
-
 			for _, resource := range resources {
 				patchedDocument, err := applyPolicy(policy, resource.rawResource, resource.gvk)
 				if err != nil {