mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-15 12:17:56 +00:00
Code Activity

fix: add emitWarning field in v2beta1 (#11489)

Browse source 
* fix: add emitWarning field in v2beta1

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: add artificathub changes

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
This commit is contained in:
Mariam Fahmy 2024-10-30 18:17:59 +03:00 committed by GitHub
parent 34dc0e52a2
commit 2ff41d10ca
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
13 changed files with 193 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
api/kyverno/v2beta1/spec_types.go
View file

@ -34,6 +34,12 @@ type Spec struct {
// Deprecated, use validationFailureActionOverrides under the validate rule instead. // Deprecated, use validationFailureActionOverrides under the validate rule instead.
ValidationFailureActionOverrides []kyvernov1.ValidationFailureActionOverride `json:"validationFailureActionOverrides,omitempty"` ValidationFailureActionOverrides []kyvernov1.ValidationFailureActionOverride `json:"validationFailureActionOverrides,omitempty"`
// EmitWarning enables API response warnings for mutate policy rules or validate policy rules with validationFailureAction set to Audit.
// Enabling this option will extend admission request processing times. The default value is "false".
// +optional
// +kubebuilder:default=false
EmitWarning *bool `json:"emitWarning,omitempty"`
// Admission controls if rules are applied during admission. // Admission controls if rules are applied during admission.
// Optional. Default value is "true". // Optional. Default value is "true".
// +optional // +optional

5
api/kyverno/v2beta1/zz_generated.deepcopy.go
View file

@ -814,6 +814,11 @@ func (in *Spec) DeepCopyInto(out *Spec) {
(*in)[i].DeepCopyInto(&(*out)[i]) (*in)[i].DeepCopyInto(&(*out)[i])
} }
} }
if in.EmitWarning != nil {
in, out := &in.EmitWarning, &out.EmitWarning
*out = new(bool)
**out = **in
}
if in.Admission != nil { if in.Admission != nil {
in, out := &in.Admission, &out.Admission in, out := &in.Admission, &out.Admission
*out = new(bool) *out = new(bool)

12
charts/kyverno/Chart.yaml
View file

@ -33,16 +33,8 @@ annotations:
url: https://kyverno.io/docs url: https://kyverno.io/docs
# valid kinds are: added, changed, deprecated, removed, fixed and security # valid kinds are: added, changed, deprecated, removed, fixed and security
artifacthub.io/changes: | artifacthub.io/changes: |
- kind: added - kind: fixed
description: Add a key to preserve configmap settings during upgrade description: Add spec.emitWarning to v2beta1 policy
- kind: added
description: Make admission reports breaker threshold configurable
- kind: added
description: ImagePullSecrets made globally configurable
- kind: removed
description: Deprecated configuration `features.reports.chunkSize` was removed
- kind: added
description: ImagePullSecrets made configurable for tests
dependencies: dependencies:
- name: grafana - name: grafana
version: v0.0.0 version: v0.0.0

6
charts/kyverno/charts/crds/templates/kyverno.io/kyverno.io_clusterpolicies.yaml
View file

@ -10381,6 +10381,12 @@ spec:
Optional. Default value is "true". The value must be set to "false" if the policy rule Optional. Default value is "true". The value must be set to "false" if the policy rule
uses variables that are only available in the admission review request (e.g. user name). uses variables that are only available in the admission review request (e.g. user name).
type: boolean type: boolean
emitWarning:
default: false
description: |-
EmitWarning enables API response warnings for mutate policy rules or validate policy rules with validationFailureAction set to Audit.
Enabling this option will extend admission request processing times. The default value is "false".
type: boolean
failurePolicy: failurePolicy:
description: Deprecated, use failurePolicy under the webhookConfiguration description: Deprecated, use failurePolicy under the webhookConfiguration
instead. instead.

6
charts/kyverno/charts/crds/templates/kyverno.io/kyverno.io_policies.yaml
View file

@ -10384,6 +10384,12 @@ spec:
Optional. Default value is "true". The value must be set to "false" if the policy rule Optional. Default value is "true". The value must be set to "false" if the policy rule
uses variables that are only available in the admission review request (e.g. user name). uses variables that are only available in the admission review request (e.g. user name).
type: boolean type: boolean
emitWarning:
default: false
description: |-
EmitWarning enables API response warnings for mutate policy rules or validate policy rules with validationFailureAction set to Audit.
Enabling this option will extend admission request processing times. The default value is "false".
type: boolean
failurePolicy: failurePolicy:
description: Deprecated, use failurePolicy under the webhookConfiguration description: Deprecated, use failurePolicy under the webhookConfiguration
instead. instead.

6
cmd/cli/kubectl-kyverno/data/crds/kyverno.io_clusterpolicies.yaml
View file

@ -10375,6 +10375,12 @@ spec:
Optional. Default value is "true". The value must be set to "false" if the policy rule Optional. Default value is "true". The value must be set to "false" if the policy rule
uses variables that are only available in the admission review request (e.g. user name). uses variables that are only available in the admission review request (e.g. user name).
type: boolean type: boolean
emitWarning:
default: false
description: |-
EmitWarning enables API response warnings for mutate policy rules or validate policy rules with validationFailureAction set to Audit.
Enabling this option will extend admission request processing times. The default value is "false".
type: boolean
failurePolicy: failurePolicy:
description: Deprecated, use failurePolicy under the webhookConfiguration description: Deprecated, use failurePolicy under the webhookConfiguration
instead. instead.

6
cmd/cli/kubectl-kyverno/data/crds/kyverno.io_policies.yaml
View file

@ -10378,6 +10378,12 @@ spec:
Optional. Default value is "true". The value must be set to "false" if the policy rule Optional. Default value is "true". The value must be set to "false" if the policy rule
uses variables that are only available in the admission review request (e.g. user name). uses variables that are only available in the admission review request (e.g. user name).
type: boolean type: boolean
emitWarning:
default: false
description: |-
EmitWarning enables API response warnings for mutate policy rules or validate policy rules with validationFailureAction set to Audit.
Enabling this option will extend admission request processing times. The default value is "false".
type: boolean
failurePolicy: failurePolicy:
description: Deprecated, use failurePolicy under the webhookConfiguration description: Deprecated, use failurePolicy under the webhookConfiguration
instead. instead.

6
config/crds/kyverno/kyverno.io_clusterpolicies.yaml
View file

@ -10375,6 +10375,12 @@ spec:
Optional. Default value is "true". The value must be set to "false" if the policy rule Optional. Default value is "true". The value must be set to "false" if the policy rule
uses variables that are only available in the admission review request (e.g. user name). uses variables that are only available in the admission review request (e.g. user name).
type: boolean type: boolean
emitWarning:
default: false
description: |-
EmitWarning enables API response warnings for mutate policy rules or validate policy rules with validationFailureAction set to Audit.
Enabling this option will extend admission request processing times. The default value is "false".
type: boolean
failurePolicy: failurePolicy:
description: Deprecated, use failurePolicy under the webhookConfiguration description: Deprecated, use failurePolicy under the webhookConfiguration
instead. instead.

6
config/crds/kyverno/kyverno.io_policies.yaml
View file

@ -10378,6 +10378,12 @@ spec:
Optional. Default value is "true". The value must be set to "false" if the policy rule Optional. Default value is "true". The value must be set to "false" if the policy rule
uses variables that are only available in the admission review request (e.g. user name). uses variables that are only available in the admission review request (e.g. user name).
type: boolean type: boolean
emitWarning:
default: false
description: |-
EmitWarning enables API response warnings for mutate policy rules or validate policy rules with validationFailureAction set to Audit.
Enabling this option will extend admission request processing times. The default value is "false".
type: boolean
failurePolicy: failurePolicy:
description: Deprecated, use failurePolicy under the webhookConfiguration description: Deprecated, use failurePolicy under the webhookConfiguration
instead. instead.

12
config/install-latest-testing.yaml
View file

@ -15800,6 +15800,12 @@ spec:
Optional. Default value is "true". The value must be set to "false" if the policy rule Optional. Default value is "true". The value must be set to "false" if the policy rule
uses variables that are only available in the admission review request (e.g. user name). uses variables that are only available in the admission review request (e.g. user name).
type: boolean type: boolean
emitWarning:
default: false
description: |-
EmitWarning enables API response warnings for mutate policy rules or validate policy rules with validationFailureAction set to Audit.
Enabling this option will extend admission request processing times. The default value is "false".
type: boolean
failurePolicy: failurePolicy:
description: Deprecated, use failurePolicy under the webhookConfiguration description: Deprecated, use failurePolicy under the webhookConfiguration
instead. instead.
@ -36355,6 +36361,12 @@ spec:
Optional. Default value is "true". The value must be set to "false" if the policy rule Optional. Default value is "true". The value must be set to "false" if the policy rule
uses variables that are only available in the admission review request (e.g. user name). uses variables that are only available in the admission review request (e.g. user name).
type: boolean type: boolean
emitWarning:
default: false
description: |-
EmitWarning enables API response warnings for mutate policy rules or validate policy rules with validationFailureAction set to Audit.
Enabling this option will extend admission request processing times. The default value is "false".
type: boolean
failurePolicy: failurePolicy:
description: Deprecated, use failurePolicy under the webhookConfiguration description: Deprecated, use failurePolicy under the webhookConfiguration
instead. instead.

39
docs/user/crd/index.html
View file

@ -8077,6 +8077,19 @@ ValidationFailureAction
</tr> </tr>
<tr> <tr>
<td> <td>
<code>emitWarning</code><br/>
<em>
bool
</em>
</td>
<td>
<em>(Optional)</em>
<p>EmitWarning enables API response warnings for mutate policy rules or validate policy rules with validationFailureAction set to Audit.
Enabling this option will extend admission request processing times. The default value is &ldquo;false&rdquo;.</p>
</td>
</tr>
<tr>
<td>
<code>admission</code><br/> <code>admission</code><br/>
<em> <em>
bool bool
@ -8338,6 +8351,19 @@ ValidationFailureAction
</tr> </tr>
<tr> <tr>
<td> <td>
<code>emitWarning</code><br/>
<em>
bool
</em>
</td>
<td>
<em>(Optional)</em>
<p>EmitWarning enables API response warnings for mutate policy rules or validate policy rules with validationFailureAction set to Audit.
Enabling this option will extend admission request processing times. The default value is &ldquo;false&rdquo;.</p>
</td>
</tr>
<tr>
<td>
<code>admission</code><br/> <code>admission</code><br/>
<em> <em>
bool bool
@ -9751,6 +9777,19 @@ ValidationFailureAction
</tr> </tr>
<tr> <tr>
<td> <td>
<code>emitWarning</code><br/>
<em>
bool
</em>
</td>
<td>
<em>(Optional)</em>
<p>EmitWarning enables API response warnings for mutate policy rules or validate policy rules with validationFailureAction set to Audit.
Enabling this option will extend admission request processing times. The default value is &ldquo;false&rdquo;.</p>
</td>
</tr>
<tr>
<td>
<code>admission</code><br/> <code>admission</code><br/>
<em> <em>
bool bool

84
docs/user/crd/kyverno.v2beta1.html
View file

@ -948,6 +948,34 @@ set to <code>All</code> all rules in the policy are processed. The default is <c
<tr>
<td><code>emitWarning</code>
</br>
<span style="font-family: monospace">bool</span>
</td>
<td>
<p>EmitWarning enables API response warnings for mutate policy rules or validate policy rules with validationFailureAction set to Audit.
Enabling this option will extend admission request processing times. The default value is &quot;false&quot;.</p>
</td>
</tr>
<tr> <tr>
<td><code>admission</code> <td><code>admission</code>
@ -1507,6 +1535,34 @@ set to <code>All</code> all rules in the policy are processed. The default is <c
<tr>
<td><code>emitWarning</code>
</br>
<span style="font-family: monospace">bool</span>
</td>
<td>
<p>EmitWarning enables API response warnings for mutate policy rules or validate policy rules with validationFailureAction set to Audit.
Enabling this option will extend admission request processing times. The default value is &quot;false&quot;.</p>
</td>
</tr>
<tr> <tr>
<td><code>admission</code> <td><code>admission</code>
@ -4370,6 +4426,34 @@ set to <code>All</code> all rules in the policy are processed. The default is <c
<tr>
<td><code>emitWarning</code>
</br>
<span style="font-family: monospace">bool</span>
</td>
<td>
<p>EmitWarning enables API response warnings for mutate policy rules or validate policy rules with validationFailureAction set to Audit.
Enabling this option will extend admission request processing times. The default value is &quot;false&quot;.</p>
</td>
</tr>
<tr> <tr>
<td><code>admission</code> <td><code>admission</code>

9
pkg/client/applyconfigurations/kyverno/v2beta1/spec.go
View file

@ -31,6 +31,7 @@ type SpecApplyConfiguration struct {
FailurePolicy *v1.FailurePolicyType `json:"failurePolicy,omitempty"` FailurePolicy *v1.FailurePolicyType `json:"failurePolicy,omitempty"`
ValidationFailureAction *v1.ValidationFailureAction `json:"validationFailureAction,omitempty"` ValidationFailureAction *v1.ValidationFailureAction `json:"validationFailureAction,omitempty"`
ValidationFailureActionOverrides []kyvernov1.ValidationFailureActionOverrideApplyConfiguration `json:"validationFailureActionOverrides,omitempty"` ValidationFailureActionOverrides []kyvernov1.ValidationFailureActionOverrideApplyConfiguration `json:"validationFailureActionOverrides,omitempty"`
EmitWarning *bool `json:"emitWarning,omitempty"`
Admission *bool `json:"admission,omitempty"` Admission *bool `json:"admission,omitempty"`
Background *bool `json:"background,omitempty"` Background *bool `json:"background,omitempty"`
SchemaValidation *bool `json:"schemaValidation,omitempty"` SchemaValidation *bool `json:"schemaValidation,omitempty"`
@ -98,6 +99,14 @@ func (b *SpecApplyConfiguration) WithValidationFailureActionOverrides(values ...
return b return b
} }
// WithEmitWarning sets the EmitWarning field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the EmitWarning field is set to the value of the last call.
func (b *SpecApplyConfiguration) WithEmitWarning(value bool) *SpecApplyConfiguration {
b.EmitWarning = &value
return b
}
// WithAdmission sets the Admission field in the declarative configuration to the given value // WithAdmission sets the Admission field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations. // and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Admission field is set to the value of the last call. // If called multiple times, the Admission field is set to the value of the last call.