- set tag optional in generaterequest; - fix generate controller error log

2025-03-05 23:46:56 +00:00 · 2020-11-13 17:44:34 -08:00 · 2020-11-13 17:44:34 -08:00 · 2ff9d03b3f
commit 2ff9d03b3f
parent 943935ee1b
8 changed files with 39 additions and 17 deletions
--- a/definitions/crds/kyverno.io_generaterequests.yaml
+++ b/definitions/crds/kyverno.io_generaterequests.yaml
@ -48,11 +48,13 @@ spec:
                          send the request
                        items:
                          type: string
+                        nullable: true
                        type: array
                      roles:
                        description: Roles is a list of possible role send the request
                        items:
                          type: string
+                        nullable: true
                        type: array
                      userInfo:
                        description: UserInfo is the userInfo carried in the admission
@ -84,10 +86,6 @@ spec:
                              among all active users.
                            type: string
                        type: object
-                    required:
-                    - clusterRoles
-                    - roles
-                    - userInfo
                    type: object
                type: object
              policy:
--- a/pkg/api/kyverno/v1/generaterequest_types.go
+++ b/pkg/api/kyverno/v1/generaterequest_types.go
@ -30,16 +30,24 @@ type GenerateRequestSpec struct {

 //GenerateRequestContext stores the context to be shared
 type GenerateRequestContext struct {
+	// +optional
 	UserRequestInfo RequestInfo `json:"userInfo,omitempty" yaml:"userInfo,omitempty"`
 }

 // RequestInfo contains permission info carried in an admission request
 type RequestInfo struct {
 	// Roles is a list of possible role send the request
+	// +nullable
+	// +optional
 	Roles []string `json:"roles" yaml:"roles"`
+
 	// ClusterRoles is a list of possible clusterRoles send the request
+	// +nullable
+	// +optional
 	ClusterRoles []string `json:"clusterRoles" yaml:"clusterRoles"`
+
 	// UserInfo is the userInfo carried in the admission request
+	// +optional
 	AdmissionUserInfo authenticationv1.UserInfo `json:"userInfo" yaml:"userInfo"`
 }

--- a/pkg/generate/cleanup/controller.go
+++ b/pkg/generate/cleanup/controller.go
@ -246,6 +246,12 @@ func (c *Controller) handleErr(err error, key interface{}) {
 		return
 	}

+	if errors.IsNotFound(err) {
+		c.queue.Forget(key)
+		logger.V(4).Info("Dropping generate request from the queue", "key", key, "error", err)
+		return
+	}
+
 	if c.queue.NumRequeues(key) < maxRetries {
 		logger.Error(err, "failed to sync generate request", "key", key)
 		c.queue.AddRateLimited(key)
@ -260,7 +266,7 @@ func (c *Controller) syncGenerateRequest(key string) error {
 	logger := c.log.WithValues("key", key)
 	var err error
 	startTime := time.Now()
-	logger.Info("started syncing generate request", "startTime", startTime)
+	logger.V(4).Info("started syncing generate request", "startTime", startTime)
 	defer func() {
 		logger.V(4).Info("finished syncying generate request", "processingTIme", time.Since(startTime).String())
 	}()
--- a/pkg/generate/controller.go
+++ b/pkg/generate/controller.go
@ -14,6 +14,7 @@ import (
 	"github.com/kyverno/kyverno/pkg/event"
 	"github.com/kyverno/kyverno/pkg/policystatus"
 	"github.com/kyverno/kyverno/pkg/resourcecache"
+	"k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/wait"
@ -230,7 +231,7 @@ func (c *Controller) deleteGR(obj interface{}) {
 			}
 		}
 	}
-	logger.Info("deleting generate request", "name", gr.Name)
+	logger.V(3).Info("deleting generate request", "name", gr.Name)
 	// sync Handler will remove it from the queue
 	c.enqueueGR(gr)
 }
@ -280,6 +281,12 @@ func (c *Controller) handleErr(err error, key interface{}) {
 		return
 	}

+	if errors.IsNotFound(err) {
+		c.queue.Forget(key)
+		logger.V(4).Info("Dropping generate request from the queue", "key", key, "error", err)
+		return
+	}
+
 	if c.queue.NumRequeues(key) < maxRetries {
 		logger.Error(err, "failed to sync generate request", "key", key)
 		c.queue.AddRateLimited(key)
@ -294,7 +301,7 @@ func (c *Controller) syncGenerateRequest(key string) error {
 	logger := c.log
 	var err error
 	startTime := time.Now()
-	logger.Info("started sync", "key", key, "startTime", startTime)
+	logger.V(4).Info("started sync", "key", key, "startTime", startTime)
 	defer func() {
 		logger.V(4).Info("finished sync", "key", key, "processingTime", time.Since(startTime).String())
 	}()
@ -305,6 +312,10 @@ func (c *Controller) syncGenerateRequest(key string) error {

 	gr, err := c.grLister.Get(grName)
 	if err != nil {
+		if errors.IsNotFound(err) {
+			return nil
+		}
+
 		logger.Error(err, "failed to list generate requests")
 		return err
 	}
--- a/pkg/generate/generate.go
+++ b/pkg/generate/generate.go
@ -182,7 +182,6 @@ func (c *Controller) applyGeneratePolicy(log logr.Logger, policyContext engine.P
 		}

 		genResource, err := applyRule(log, c.client, rule, resource, ctx, policy.Name, gr, processExisting)
-
 		if err != nil {
 			return nil, err
 		}
@ -346,7 +345,7 @@ func applyRule(log logr.Logger, client *dclient.Client, rule kyverno.Rule, resou
 			// Failed to create resource
 			return noGenResource, err
 		}
-		logger.V(4).Info("created new resource")
+		logger.V(2).Info("created generated resource")

 	} else if mode == Update {
 		var isUpdate bool
@ -374,7 +373,7 @@ func applyRule(log logr.Logger, client *dclient.Client, rule kyverno.Rule, resou
 				logger.Error(err, "updating existing resource")
 				return noGenResource, err
 			}
-			logger.V(4).Info("updated new resource")
+			logger.V(4).Info("updated generated resource")
 		} else {
 			resource := &unstructured.Unstructured{}
 			resource.SetUnstructuredContent(rdata)
@ -384,7 +383,7 @@ func applyRule(log logr.Logger, client *dclient.Client, rule kyverno.Rule, resou
 				logger.Error(err, "updating existing resource")
 				return noGenResource, err
 			}
-			logger.V(4).Info("updated new resource")
+			logger.V(4).Info("updated geneated resource")
 		}

 		logger.V(4).Info("Synchronize resource is disabled")
--- a/pkg/generate/status.go
+++ b/pkg/generate/status.go
@ -6,6 +6,7 @@ import (
 	kyverno "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
 	kyvernoclient "github.com/kyverno/kyverno/pkg/client/clientset/versioned"
 	"github.com/kyverno/kyverno/pkg/config"
+	"k8s.io/apimachinery/pkg/api/errors"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"sigs.k8s.io/controller-runtime/pkg/log"
 )
@ -28,11 +29,11 @@ func (sc StatusControl) Failed(gr kyverno.GenerateRequest, message string, genRe
 	// Update Generated Resources
 	gr.Status.GeneratedResources = genResources
 	_, err := sc.client.KyvernoV1().GenerateRequests(config.KubePolicyNamespace).UpdateStatus(context.TODO(), &gr, v1.UpdateOptions{})
-	if err != nil {
+	if err != nil && !errors.IsNotFound(err) {
 		log.Log.Error(err, "failed to update generate request status", "name", gr.Name)
 		return err
 	}
-	log.Log.Info("updated generate request status", "name", gr.Name, "status", string(kyverno.Failed))
+	log.Log.V(3).Info("updated generate request status", "name", gr.Name, "status", string(kyverno.Failed))
 	return nil
 }

@ -44,10 +45,10 @@ func (sc StatusControl) Success(gr kyverno.GenerateRequest, genResources []kyver
 	gr.Status.GeneratedResources = genResources

 	_, err := sc.client.KyvernoV1().GenerateRequests(config.KubePolicyNamespace).UpdateStatus(context.TODO(), &gr, v1.UpdateOptions{})
-	if err != nil {
+	if err != nil && !errors.IsNotFound(err) {
 		log.Log.Error(err, "failed to update generate request status", "name", gr.Name)
 		return err
 	}
-	log.Log.Info("updated generate request status", "name", gr.Name, "status", string(kyverno.Completed))
+	log.Log.V(3).Info("updated generate request status", "name", gr.Name, "status", string(kyverno.Completed))
 	return nil
 }
--- a/pkg/kyverno/apply/command.go
+++ b/pkg/kyverno/apply/command.go
@ -415,7 +415,6 @@ func createFileOrFolder(mutateLogPath string, mutateLogPathIsDir bool) error {
 				if len(s) > 1 {
 					folderPath = mutateLogPath[:len(mutateLogPath)-len(s[len(s)-1])-1]
 					_, err := os.Stat(folderPath)
-					fmt.Println(err)
 					if os.IsNotExist(err) {
 						errDir := os.MkdirAll(folderPath, 0755)
 						if errDir != nil {
--- a/pkg/policy/controller.go
+++ b/pkg/policy/controller.go
@ -419,7 +419,7 @@ func (pc *PolicyController) syncPolicy(key string) error {
 			for _, v := range grList {
 				if key == v.Spec.Policy {
 					err := pc.kyvernoClient.KyvernoV1().GenerateRequests(config.KubePolicyNamespace).Delete(context.TODO(), v.GetName(), metav1.DeleteOptions{})
-					if err != nil {
+					if err != nil && !errors.IsNotFound(err) {
 						logger.Error(err, "failed to delete gr")
 					}
 				}