mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-06 16:06:56 +00:00
handle rule dependency issue in overall mutation failure
This commit is contained in:
Shuting Zhao
parent
c48b72ff2f
commit
31f5d788ab
1 changed files with 7 additions and 26 deletions
|
|
@ -107,13 +107,7 @@ func mutation(policy kyverno.Policy, resource unstructured.Unstructured, policyS
|
||||||
return append(ruleInfos, ruleInfo), nil
|
return append(ruleInfos, ruleInfo), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// return getFailedOverallRuleInfo(resource, ruleInfos)
|
return getFailedOverallRuleInfo(resource, ruleInfos)
|
||||||
ruleInfos, err := getFailedOverallRuleInfo(resource, ruleInfos)
|
|
||||||
if err != nil {
|
|
||||||
glog.Infoln("======err========", err)
|
|
||||||
}
|
|
||||||
glog.Infoln("======ruleInfo========", ruleInfos[len(ruleInfos)-1:])
|
|
||||||
return ruleInfos, nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// getFailedOverallRuleInfo gets detailed info for over-all mutation failure
|
// getFailedOverallRuleInfo gets detailed info for over-all mutation failure
|
||||||
|
|
@ -126,18 +120,15 @@ func getFailedOverallRuleInfo(resource unstructured.Unstructured, ruleInfos []in
|
||||||
return ruleInfos, err
|
return ruleInfos, err
|
||||||
}
|
}
|
||||||
|
|
||||||
var msg string
|
var failedRules []string
|
||||||
var patches [][]byte
|
|
||||||
|
|
||||||
// resource does not match so there was a mutation rule violated
|
// resource does not match so there was a mutation rule violated
|
||||||
for i, ri := range ruleInfos {
|
for _, ri := range ruleInfos {
|
||||||
if len(ri.Patches) == 0 {
|
if len(ri.Patches) == 0 {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
patches = append(patches, ri.Patches...)
|
patch, err := jsonpatch.DecodePatch(utils.JoinPatches(ri.Patches))
|
||||||
mergePatches := utils.JoinPatches(patches)
|
|
||||||
patch, err := jsonpatch.DecodePatch(mergePatches)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return ruleInfos, err
|
return ruleInfos, err
|
||||||
}
|
}
|
||||||
|
|
@ -148,23 +139,13 @@ func getFailedOverallRuleInfo(resource unstructured.Unstructured, ruleInfos []in
|
||||||
return ruleInfos, err
|
return ruleInfos, err
|
||||||
}
|
}
|
||||||
|
|
||||||
if jsonpatch.Equal(patchedResource, rawResource) {
|
if !jsonpatch.Equal(patchedResource, rawResource) {
|
||||||
if i != len(ruleInfos)-1 {
|
failedRules = append(failedRules, ri.Name)
|
||||||
ruleInfo.Fail()
|
|
||||||
ruleInfo.Addf("failed to apply the rules %s", getRuleName(ruleInfos, i+1))
|
|
||||||
return append(ruleInfos, ruleInfo), nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// end states matches
|
|
||||||
ruleInfo.Add("resource satisfys the mutation rule")
|
|
||||||
return append(ruleInfos, ruleInfo), nil
|
|
||||||
} else {
|
|
||||||
msg = fmt.Sprintf("rule %s might have failed", ri.Name)
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
ruleInfo.Fail()
|
ruleInfo.Fail()
|
||||||
ruleInfo.Add(msg)
|
ruleInfo.Add(fmt.Sprintf("rule %s might have failed", strings.Join(failedRules, ",")))
|
||||||
return append(ruleInfos, ruleInfo), nil
|
return append(ruleInfos, ruleInfo), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue