mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Code Activity

fix: policy status reconciliation (#10032)

Browse source 
* fix: get latest policy object before updating status

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* chore: remove debug code

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
This commit is contained in:
shuting 2024-04-12 15:08:15 +08:00 committed by GitHub
parent 7c83ca189c
commit 3e7a7ac244
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 22 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
pkg/controllers/webhook/controller.go
View file

@ -487,9 +487,14 @@ func (c *controller) updatePolicyStatuses(ctx context.Context) error {
} }
for _, policy := range policies { for _, policy := range policies {
if policy.GetNamespace() == "" { if policy.GetNamespace() == "" {
_, err := controllerutils.UpdateStatus( p, err := c.kyvernoClient.KyvernoV1().ClusterPolicies().Get(ctx, policy.GetName(), metav1.GetOptions{})
if err != nil {
logger.Error(err, "failed to get latest clusterpolicy for status reconciliation", "policy", policy.GetName())
continue
}
_, err = controllerutils.UpdateStatus(
ctx, ctx,
policy.(*kyvernov1.ClusterPolicy), p,
c.kyvernoClient.KyvernoV1().ClusterPolicies(), c.kyvernoClient.KyvernoV1().ClusterPolicies(),
func(policy *kyvernov1.ClusterPolicy) error { func(policy *kyvernov1.ClusterPolicy) error {
return updateStatusFunc(policy) return updateStatusFunc(policy)
@ -499,9 +504,14 @@ func (c *controller) updatePolicyStatuses(ctx context.Context) error {
return err return err
} }
} else { } else {
_, err := controllerutils.UpdateStatus( p, err := c.kyvernoClient.KyvernoV1().Policies(policy.GetNamespace()).Get(ctx, policy.GetName(), metav1.GetOptions{})
if err != nil {
logger.Error(err, "failed to get latest policy for status reconciliation", "namespace", policy.GetNamespace, "policy", policy.GetName())
continue
}
_, err = controllerutils.UpdateStatus(
ctx, ctx,
policy.(*kyvernov1.Policy), p,
c.kyvernoClient.KyvernoV1().Policies(policy.GetNamespace()), c.kyvernoClient.KyvernoV1().Policies(policy.GetNamespace()),
func(policy *kyvernov1.Policy) error { func(policy *kyvernov1.Policy) error {
return updateStatusFunc(policy) return updateStatusFunc(policy)

3
pkg/engine/jmespath/functions_test.go
View file

@ -1243,7 +1243,7 @@ ZDGRs55xuoeLDJ/ZRFf9bI+IaCUd1YrfYcHIl3G87Av+r49YVwqRDT0VDV7uLgqn
// expectedResult: map[string]interface{}{}, // expectedResult: map[string]interface{}{},
// } // }
} }
for i, tc := range testCases { for _, tc := range testCases {
t.Run(tc.jmesPath, func(t *testing.T) { t.Run(tc.jmesPath, func(t *testing.T) {
jp, err := jmespathInterface.Query(tc.jmesPath) jp, err := jmespathInterface.Query(tc.jmesPath)
assert.NilError(t, err) assert.NilError(t, err)
@ -1255,7 +1255,6 @@ ZDGRs55xuoeLDJ/ZRFf9bI+IaCUd1YrfYcHIl3G87Av+r49YVwqRDT0VDV7uLgqn
res, ok := result.(map[string]interface{}) res, ok := result.(map[string]interface{})
assert.Assert(t, ok) assert.Assert(t, ok)
fmt.Println("======i", i)
assert.DeepEqual(t, res, tc.expectedResult) assert.DeepEqual(t, res, tc.expectedResult)
}) })
} }

9
pkg/utils/controller/utils.go
View file

@ -149,9 +149,14 @@ func Update[T interface {
func UpdateStatus[T interface { func UpdateStatus[T interface {
metav1.Object metav1.Object
DeepCopy[T] DeepCopy[T]
}, S StatusClient[T]](ctx context.Context, obj T, setter S, build func(T) error, }, S ObjectStatusClient[T]](ctx context.Context, obj T, setter S, build func(T) error,
) (T, error) { ) (T, error) {
mutated := obj.DeepCopy() var objNew T
objNew, err := setter.Get(ctx, obj.GetName(), metav1.GetOptions{})
if err != nil {
return objNew, err
}
mutated := objNew.DeepCopy()
if err := build(mutated); err != nil { if err := build(mutated); err != nil {
var d T var d T
return d, err return d, err