From 3845225db1c42407e594adad11200ace140daeab Mon Sep 17 00:00:00 2001 From: Afzal Ansari Date: Sat, 7 May 2022 22:14:57 +0530 Subject: [PATCH] refactor: imported pkg redeclared and a few other unused func (#3827) * Removes paths redeclared Signed-off-by: afzal442 * fixes v1 redeclared Signed-off-by: afzal442 * fixes mergeSucceededResults func never used Signed-off-by: afzal442 * fixes func unused Signed-off-by: afzal442 * refactors unused func Signed-off-by: afzal442 * refactors unused func Signed-off-by: afzal442 * refactors getNamespacesForRule unused Signed-off-by: afzal442 * refactors policyNamespace unused Signed-off-by: afzal442 * refactors replacing loop with ... Signed-off-by: afzal442 * refactors func buildPolicyLabel unused Signed-off-by: afzal442 * removes unused func Signed-off-by: afzal442 * removes unused comment Signed-off-by: afzal442 Co-authored-by: Sambhav Kothari --- cmd/cli/kubectl-kyverno/apply/report.go | 41 ---------- cmd/cli/kubectl-kyverno/utils/common/fetch.go | 5 +- pkg/engine/mutate/mutation_test.go | 13 ---- pkg/engine/mutate/utils.go | 20 ----- pkg/policy/background.go | 35 --------- pkg/policy/common.go | 77 ------------------- pkg/testrunner/scenario.go | 3 +- pkg/webhooks/metrics.go | 5 +- test/e2e/verifyimages/verifyimages_test.go | 2 - 9 files changed, 5 insertions(+), 196 deletions(-) delete mode 100644 pkg/engine/mutate/utils.go diff --git a/cmd/cli/kubectl-kyverno/apply/report.go b/cmd/cli/kubectl-kyverno/apply/report.go index d60c0acb16..863d08eb46 100644 --- a/cmd/cli/kubectl-kyverno/apply/report.go +++ b/cmd/cli/kubectl-kyverno/apply/report.go @@ -119,47 +119,6 @@ func buildPolicyResults(infos []policyreport.Info) map[string][]report.PolicyRep return results } -func mergeSucceededResults(results map[string][]*report.PolicyReportResult) map[string][]*report.PolicyReportResult { - resultsNew := make(map[string][]*report.PolicyReportResult) - - for scope, scopedResults := range results { - - resourcesMap := make(map[string]*report.PolicyReportResult) - for _, result := range scopedResults { - if result.Result != report.PolicyResult("pass") { - resultsNew[scope] = append(resultsNew[scope], result) - continue - } - - key := fmt.Sprintf("%s/%s", result.Policy, result.Rule) - if r, ok := resourcesMap[key]; !ok { - resourcesMap[key] = &report.PolicyReportResult{} - resourcesMap[key] = result - } else { - r.Resources = append(r.Resources, result.Resources...) - resourcesMap[key] = r - } - } - - for k, v := range resourcesMap { - names := strings.Split(k, "/") - if len(names) != 2 { - continue - } - - r := &report.PolicyReportResult{ - Policy: names[0], - Rule: names[1], - Resources: v.Resources, - Result: report.PolicyResult(v.Result), - } - - resultsNew[scope] = append(resultsNew[scope], r) - } - } - return resultsNew -} - func calculateSummary(results []report.PolicyReportResult) (summary report.PolicyReportSummary) { for _, res := range results { switch string(res.Result) { diff --git a/cmd/cli/kubectl-kyverno/utils/common/fetch.go b/cmd/cli/kubectl-kyverno/utils/common/fetch.go index 75f4446375..6bee74e32e 100644 --- a/cmd/cli/kubectl-kyverno/utils/common/fetch.go +++ b/cmd/cli/kubectl-kyverno/utils/common/fetch.go @@ -154,9 +154,8 @@ func GetResourcesWithTest(fs billy.Filesystem, policies []v1.PolicyInterface, re return nil, err } - for _, resource := range getResources { - resources = append(resources, resource) - } + resources = append(resources, getResources...) + } } return resources, nil diff --git a/pkg/engine/mutate/mutation_test.go b/pkg/engine/mutate/mutation_test.go index faed4882cf..6832b1a6e2 100644 --- a/pkg/engine/mutate/mutation_test.go +++ b/pkg/engine/mutate/mutation_test.go @@ -200,19 +200,6 @@ func TestProcessPatches_RemovePathDoesntExist_NotEmptyResult(t *testing.T) { assertEqStringAndData(t, `{"path":"/metadata/labels/label2","op":"add","value":"label2Value"}`, rr.Patches[0]) } -func assertEqDataImpl(t *testing.T, expected, actual []byte, formatModifier string) { - if len(expected) != len(actual) { - t.Errorf("len(expected) != len(actual): %d != %d\n1:"+formatModifier+"\n2:"+formatModifier, len(expected), len(actual), expected, actual) - return - } - - for idx, val := range actual { - if val != expected[idx] { - t.Errorf("Slices not equal at index %d:\n1:"+formatModifier+"\n2:"+formatModifier, idx, expected, actual) - } - } -} - func assertEqStringAndData(t *testing.T, str string, data []byte) { var p1 jsonPatch json.Unmarshal([]byte(str), &p1) diff --git a/pkg/engine/mutate/utils.go b/pkg/engine/mutate/utils.go deleted file mode 100644 index 52c15cc4c4..0000000000 --- a/pkg/engine/mutate/utils.go +++ /dev/null @@ -1,20 +0,0 @@ -package mutate - -import ( - commonAnchors "github.com/kyverno/kyverno/pkg/engine/anchor" -) - -// getAnchorAndElementsFromMap gets the condition anchor map and resource map without anchor -func getAnchorAndElementsFromMap(anchorsMap map[string]interface{}) (map[string]interface{}, map[string]interface{}) { - anchors := make(map[string]interface{}) - elementsWithoutanchor := make(map[string]interface{}) - for key, value := range anchorsMap { - if commonAnchors.IsConditionAnchor(key) { - anchors[key] = value - } else if !commonAnchors.IsAddIfNotPresentAnchor(key) { - elementsWithoutanchor[key] = value - } - } - - return anchors, elementsWithoutanchor -} diff --git a/pkg/policy/background.go b/pkg/policy/background.go index 306c378c1b..46efd19589 100644 --- a/pkg/policy/background.go +++ b/pkg/policy/background.go @@ -1,16 +1,11 @@ package policy import ( - "encoding/json" "fmt" "strings" kyverno "github.com/kyverno/kyverno/api/kyverno/v1" "github.com/kyverno/kyverno/pkg/autogen" - "github.com/kyverno/kyverno/pkg/engine/context" - "github.com/kyverno/kyverno/pkg/engine/variables" - "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions" - "sigs.k8s.io/controller-runtime/pkg/log" ) //ContainsUserVariables returns error if variable that does not start from request.object @@ -92,33 +87,3 @@ func userInfoDefined(ui kyverno.UserInfo) string { } return "" } - -func substituteVarsInJSON(ctx context.EvalInterface, document apiextensions.JSON) (apiextensions.JSON, error) { - jsonByte, err := json.Marshal(document) - if err != nil { - return nil, err - } - - var jsonInterface interface{} - err = json.Unmarshal(jsonByte, &jsonInterface) - if err != nil { - return nil, err - } - - jsonInterface, err = variables.SubstituteAll(log.Log, ctx, jsonInterface) - if err != nil { - return nil, err - } - - jsonByte, err = json.Marshal(jsonInterface) - if err != nil { - return nil, err - } - - err = json.Unmarshal(jsonByte, &document) - if err != nil { - return nil, err - } - - return document, nil -} diff --git a/pkg/policy/common.go b/pkg/policy/common.go index 4f481a3bcc..b70339d36d 100644 --- a/pkg/policy/common.go +++ b/pkg/policy/common.go @@ -1,7 +1,6 @@ package policy import ( - "fmt" "reflect" "strings" @@ -10,29 +9,12 @@ import ( kyverno "github.com/kyverno/kyverno/api/kyverno/v1" "github.com/kyverno/kyverno/pkg/config" "github.com/kyverno/kyverno/pkg/utils" - stringutils "github.com/kyverno/kyverno/pkg/utils/string" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/labels" - listerv1 "k8s.io/client-go/listers/core/v1" "sigs.k8s.io/controller-runtime/pkg/log" ) -func buildPolicyLabel(policyName string) (labels.Selector, error) { - policyLabelmap := map[string]string{"policy": policyName} - //NOt using a field selector, as the match function will have to cast the runtime.object - // to get the field, while it can get labels directly, saves the cast effort - ls := &metav1.LabelSelector{} - if err := metav1.Convert_Map_string_To_string_To_v1_LabelSelector(&policyLabelmap, ls, nil); err != nil { - return nil, fmt.Errorf("failed to generate label sector of Policy name %s: %v", policyName, err) - } - policySelector, err := metav1.LabelSelectorAsSelector(ls) - if err != nil { - return nil, fmt.Errorf("Policy %s has invalid label selector: %v", policyName, err) - } - return policySelector, nil -} - func transformResource(resource unstructured.Unstructured) []byte { data, err := resource.MarshalJSON() if err != nil { @@ -60,65 +42,6 @@ func MergeResources(a, b map[string]unstructured.Unstructured) { } } -// getNamespacesForRule gets the matched namespaces list for the given rule -func (pc *PolicyController) getNamespacesForRule(rule *kyverno.Rule, log logr.Logger) []string { - var matchedNS []string - if len(rule.MatchResources.Namespaces) == 0 { - matchedNS = GetAllNamespaces(pc.nsLister, log) - return pc.configHandler.FilterNamespaces(matchedNS) - } - - var wildcards []string - for _, nsName := range rule.MatchResources.Namespaces { - if stringutils.ContainsWildcard(nsName) { - wildcards = append(wildcards, nsName) - } - - matchedNS = append(matchedNS, nsName) - } - - if len(wildcards) > 0 { - wildcardMatches := GetMatchingNamespaces(wildcards, pc.nsLister, log) - matchedNS = append(matchedNS, wildcardMatches...) - } - - return pc.configHandler.FilterNamespaces(matchedNS) -} - -// GetMatchingNamespaces ... -func GetMatchingNamespaces(wildcards []string, nslister listerv1.NamespaceLister, log logr.Logger) []string { - all := GetAllNamespaces(nslister, log) - if len(all) == 0 { - return all - } - - var results []string - for _, wc := range wildcards { - for _, ns := range all { - if wildcard.Match(wc, ns) { - results = append(results, ns) - } - } - } - - return results -} - -// GetAllNamespaces gets all namespaces in the cluster -func GetAllNamespaces(nslister listerv1.NamespaceLister, log logr.Logger) []string { - var results []string - namespaces, err := nslister.List(labels.NewSelector()) - if err != nil { - log.Error(err, "Failed to list namespaces") - } - for _, n := range namespaces { - name := n.GetName() - results = append(results, name) - } - - return results -} - func (pc *PolicyController) getResourceList(kind, namespace string, labelSelector *metav1.LabelSelector, log logr.Logger) interface{} { resourceList, err := pc.client.ListResource("", kind, namespace, labelSelector) if err != nil { diff --git a/pkg/testrunner/scenario.go b/pkg/testrunner/scenario.go index 3525455476..04fc73ff4d 100644 --- a/pkg/testrunner/scenario.go +++ b/pkg/testrunner/scenario.go @@ -5,7 +5,6 @@ import ( "encoding/json" "io/ioutil" "os" - "path" ospath "path" "path/filepath" "reflect" @@ -74,7 +73,7 @@ type Generation struct { // it may not work as expected. func RootDir() string { _, b, _, _ := runtime.Caller(0) - d := path.Join(path.Dir(b)) + d := ospath.Join(ospath.Dir(b)) d = filepath.Dir(d) return filepath.Dir(d) } diff --git a/pkg/webhooks/metrics.go b/pkg/webhooks/metrics.go index 8e28a5f8ce..3c362449b9 100644 --- a/pkg/webhooks/metrics.go +++ b/pkg/webhooks/metrics.go @@ -5,7 +5,6 @@ import ( "github.com/go-logr/logr" kyverno "github.com/kyverno/kyverno/api/kyverno/v1" - v1 "github.com/kyverno/kyverno/api/kyverno/v1" "github.com/kyverno/kyverno/pkg/engine/response" "github.com/kyverno/kyverno/pkg/metrics" admissionRequests "github.com/kyverno/kyverno/pkg/metrics/admissionrequests" @@ -77,7 +76,7 @@ func (ws *WebhookServer) registerPolicyResultsMetricMutation(logger logr.Logger, }) } -func registerPolicyResultsMetricValidation(logger logr.Logger, promConfig *metrics.PromConfig, requestOperation string, policy v1.PolicyInterface, engineResponse response.EngineResponse) { +func registerPolicyResultsMetricValidation(logger logr.Logger, promConfig *metrics.PromConfig, requestOperation string, policy kyverno.PolicyInterface, engineResponse response.EngineResponse) { registerMetric(logger, "kyverno_policy_results_total", requestOperation, func(op metrics.ResourceRequestOperation) error { return policyResults.ProcessEngineResponse(promConfig, policy, engineResponse, metrics.AdmissionRequest, op) }) @@ -97,7 +96,7 @@ func (ws *WebhookServer) registerPolicyExecutionDurationMetricMutate(logger logr }) } -func registerPolicyExecutionDurationMetricValidate(logger logr.Logger, promConfig *metrics.PromConfig, requestOperation string, policy v1.PolicyInterface, engineResponse response.EngineResponse) { +func registerPolicyExecutionDurationMetricValidate(logger logr.Logger, promConfig *metrics.PromConfig, requestOperation string, policy kyverno.PolicyInterface, engineResponse response.EngineResponse) { registerMetric(logger, "kyverno_policy_execution_duration_seconds", requestOperation, func(op metrics.ResourceRequestOperation) error { return policyExecutionDuration.ProcessEngineResponse(promConfig, policy, engineResponse, metrics.AdmissionRequest, "", op) }) diff --git a/test/e2e/verifyimages/verifyimages_test.go b/test/e2e/verifyimages/verifyimages_test.go index c4d5d40293..92a76593f0 100644 --- a/test/e2e/verifyimages/verifyimages_test.go +++ b/test/e2e/verifyimages/verifyimages_test.go @@ -20,8 +20,6 @@ var ( crdGVR = e2e.GetGVR("apiextensions.k8s.io", "v1", "customresourcedefinitions") - // ClusterPolicy Namespace - policyNamespace = "" // Namespace Name // Hardcoded in YAML Definition nspace = "test-image-verify"