remove hard coded variables

.github/workflows/release.yaml

@@ -70,7 +70,6 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }}
 
-
       - uses: J12934/helm-gh-pages-action@master
         name: Run Helm Publish
         with:

cmd/kyverno/main.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"flag"
 	"fmt"
+	"github.com/nirmata/kyverno/pkg/common"
 	"net/http"
 	_ "net/http/pprof"
 	"os"
@@ -54,7 +55,7 @@ var (
 	excludeUsername  string
 	// User FQDN as CSR CN
 	fqdncn       bool
-	policyReport string
+	policyReport bool
 	setupLog     = log.Log.WithName("setup")
 )
 
@@ -70,7 +71,7 @@ func main() {
 	flag.StringVar(&serverIP, "serverIP", "", "IP address where Kyverno controller runs. Only required if out-of-cluster.")
 	flag.StringVar(&runValidationInMutatingWebhook, "runValidationInMutatingWebhook", "", "Validation will also be done using the mutation webhook, set to 'true' to enable. Older kubernetes versions do not work properly when a validation webhook is registered.")
 	flag.BoolVar(&profile, "profile", false, "Set this flag to 'true', to enable profiling.")
-	flag.StringVar(&policyReport, "policyreport", "policyviolation", "Report Type")
+	flag.BoolVar(&policyReport, "policyreport", false, "Set this flag for enabling policy report")
 	if err := flag.Set("v", "2"); err != nil {
 		setupLog.Error(err, "failed to set log level")
 		os.Exit(1)
@@ -83,11 +84,10 @@ func main() {
 	if profile {
 		go http.ListenAndServe("localhost:6060", nil)
 	}
-	os.Setenv("POLICY-TYPE", "POLICYVIOLATION")
-	if policyReport == "policyreport" {
-		os.Setenv("POLICY-TYPE", "POLICYREPORT")
+	os.Setenv("POLICY-TYPE", common.PolicyViolation)
+	if policyReport {
+		os.Setenv("POLICY-TYPE", common.PolicyReport)
 	}
-	setupLog.Info(os.Getenv("POLICY-TYPE"))
 	version.PrintVersionInfo(log.Log)
 	cleanUp := make(chan struct{})
 	stopCh := signal.SetupSignalHandler()
@@ -341,11 +341,9 @@ func main() {
 	go grgen.Run(1)
 	go rWebhookWatcher.Run(stopCh)
 	go configData.Run(stopCh)
-	if os.Getenv("POLICY-TYPE") != "POLICYREPORT" {
-		go policyCtrl.Run(3, stopCh)
-	} else {
-		go policyCtrl.Run(1, stopCh)
-	}
+
+	go policyCtrl.Run(3, stopCh)
+
 
 	go eventGenerator.Run(3, stopCh)
 	go grc.Run(1, stopCh)

pkg/common/common.go

@@ -5,3 +5,9 @@ const (
 	Enforce = "enforce" // blocks the request on failure
 	Audit   = "audit"   // dont block the request on failure, but report failiures as policy violations
 )
+
+// Policy Reporting Types
+const (
+	PolicyViolation = "POLICYVIOLATION"
+	PolicyReport = "POLICYREPORT"
+)

pkg/kyverno/report/cluster.go

@@ -17,7 +17,7 @@ func ClusterCommand() *cobra.Command {
 		Short:   "generate report",
 		Example: fmt.Sprintf("To create a cluster report from background scan:\nkyverno report cluster --namespace=defaults \n kyverno report cluster"),
 		RunE: func(cmd *cobra.Command, args []string) (err error) {
-			os.Setenv("POLICY-TYPE", "POLICYREPORT")
+			os.Setenv("POLICY-TYPE", common.PolicyReport)
 			logger := log.Log.WithName("Report")
 			restConfig, err := kubernetesConfig.ToRESTConfig()
 			if err != nil {

pkg/kyverno/report/helm.go

@@ -23,7 +23,7 @@ func HelmCommand() *cobra.Command {
 		Short:   "generate report",
 		Example: fmt.Sprintf("To create a helm report from background scan:\nkyverno report helm --namespace=defaults \n kyverno report helm"),
 		RunE: func(cmd *cobra.Command, args []string) (err error) {
-			os.Setenv("POLICY-TYPE", "POLICYREPORT")
+			os.Setenv("POLICY-TYPE", common.PolicyReport)
 			logger := log.Log.WithName("Report")
 			restConfig, err := kubernetesConfig.ToRESTConfig()
 			if err != nil {

pkg/kyverno/report/namespace.go

@@ -22,7 +22,7 @@ func NamespaceCommand() *cobra.Command {
 		Short:   "generate report",
 		Example: fmt.Sprintf("To create a namespace report from background scan:\nkyverno report namespace --namespace=defaults \n kyverno report namespace"),
 		RunE: func(cmd *cobra.Command, args []string) (err error) {
-			os.Setenv("POLICY-TYPE", "POLICYREPORT")
+			os.Setenv("POLICY-TYPE", common.PolicyReport)
 			logger := log.Log.WithName("Report")
 			restConfig, err := kubernetesConfig.ToRESTConfig()
 			if err != nil {

pkg/policy/controller.go

@@ -157,7 +157,7 @@ func NewPolicyController(kyvernoClient *kyvernoclient.Clientset,
 
 	pc.pvControl = RealPVControl{Client: kyvernoClient, Recorder: pc.eventRecorder}
 
-	if os.Getenv("POLICY-TYPE") != "POLICYREPORT" {
+	if os.Getenv("POLICY-TYPE") != common.PolicyReport {
 		cpvInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
 			AddFunc:    pc.addClusterPolicyViolation,
 			UpdateFunc: pc.updateClusterPolicyViolation,
@@ -206,7 +206,7 @@ func NewPolicyController(kyvernoClient *kyvernoclient.Clientset,
 	// rebuild after 300 seconds/ 5 mins
 	//TODO: pass the time in seconds instead of converting it internally
 	pc.rm = NewResourceManager(30)
-	if os.Getenv("POLICY-TYPE") == "POLICYREPORT" {
+	if os.Getenv("POLICY-TYPE") == common.PolicyReport {
 		go func(pc PolicyController) {
 			for k := range time.Tick(60 * time.Second) {
 				pc.log.V(2).Info("Policy Background sync at", "time", k.String())
@@ -354,7 +354,7 @@ func (pc *PolicyController) Run(workers int, stopCh <-chan struct{}) {
 	logger.Info("starting")
 	defer logger.Info("shutting down")
 
-	if os.Getenv("POLICY-TYPE") == "POLICYREPORT" {
+	if os.Getenv("POLICY-TYPE") == common.PolicyReport {
 		if !cache.WaitForCacheSync(stopCh, pc.pListerSynced, pc.nsListerSynced) {
 			logger.Info("failed to sync informer cache")
 			return
@@ -448,7 +448,7 @@ func (pc *PolicyController) syncPolicy(key string) error {
 				}
 			}
 		}
-		if os.Getenv("POLICY-TYPE") == "POLICYREPORT" {
+		if os.Getenv("POLICY-TYPE") == common.PolicyReport {
 			pc.policySync.mux.Lock()
 			pc.policySync.policy = append(pc.policySync.policy, key)
 			pc.policySync.mux.Unlock()
@@ -474,7 +474,7 @@ func (pc *PolicyController) syncPolicy(key string) error {
 		}
 	}
 
-	if os.Getenv("POLICY-TYPE") == "POLICYREPORT" {
+	if os.Getenv("POLICY-TYPE") == common.PolicyReport {
 		pc.policySync.mux.Lock()
 		pc.policySync.policy = append(pc.policySync.policy, key)
 		pc.policySync.mux.Unlock()

pkg/policyreport/builder.go

@@ -18,7 +18,7 @@ func GeneratePRsFromEngineResponse(ers []response.EngineResponse, log logr.Logge
 			continue
 		}
 		// skip when response succeed
-		if os.Getenv("POLICY-TYPE") != "POLICYREPORT" {
+		if os.Getenv("POLICY-TYPE") != common.PolicyReport {
 			if er.IsSuccessful() {
 				continue
 			}
@@ -85,7 +85,7 @@ func buildPVInfo(er response.EngineResponse) Info {
 func buildViolatedRules(er response.EngineResponse) []kyverno.ViolatedRule {
 	var violatedRules []kyverno.ViolatedRule
 	for _, rule := range er.PolicyResponse.Rules {
-		if os.Getenv("POLICY-TYPE") != "POLICYREPORT" {
+		if os.Getenv("POLICY-TYPE") != common.PolicyReport {
 			if rule.Success {
 				continue
 			}

pkg/policyviolation/builder.go

@@ -17,7 +17,7 @@ func GeneratePVsFromEngineResponse(ers []response.EngineResponse, log logr.Logge
 			continue
 		}
 		// skip when response succeed
-		if os.Getenv("POLICY-TYPE") != "POLICYREPORT" {
+		if os.Getenv("POLICY-TYPE") != common.PolicyReport {
 			if er.IsSuccessful() {
 				continue
 			}

pkg/policyviolation/generator.go

@@ -134,7 +134,7 @@ func NewPVGenerator(client *kyvernoclient.Clientset,
 		job:                  job,
 		policyStatusListener: policyStatus,
 	}
-	if os.Getenv("POLICY-TYPE") == "POLICYREPORT" {
+	if os.Getenv("POLICY-TYPE") == common.PolicyReport {
 		gen.prgen = policyreport.NewPRGenerator(client,
 			dclient,
 			prInformer,
@@ -253,7 +253,7 @@ func (gen *Generator) processNextWorkItem() bool {
 
 func (gen *Generator) syncHandler(info Info) error {
 	logger := gen.log
-	if os.Getenv("POLICY-TYPE") == "POLICYREPORT" {
+	if os.Getenv("POLICY-TYPE") == common.PolicyReport {
 		gen.prgen.Add(policyreport.Info(info))
 		return nil
 	}