add best_practices scenario_mutate_safe-to-evict

2025-03-30 19:35:06 +00:00 · 2019-11-05 10:16:07 -08:00 · 2019-11-05 10:16:07 -08:00 · 489e55d6c3
commit 489e55d6c3
parent 764d0fede2
5 changed files with 98 additions and 3 deletions
--- a/pkg/engine/overlay.go
+++ b/pkg/engine/overlay.go
@ -69,7 +69,7 @@ func processOverlay(rule kyverno.Rule, resource unstructured.Unstructured) (resp

 	// rule application succesfuly
 	response.Success = true
-	response.Message = fmt.Sprintf("succesfully process overlay")
+	response.Message = fmt.Sprintf("successfully processed overlay")
 	response.Patches = patches
 	// apply the patches to the resource
 	return response, patchedResource
--- a/pkg/engine/overlay_test.go
+++ b/pkg/engine/overlay_test.go
@ -947,3 +947,96 @@ func TestProcessOverlayPatches_insertWithCondition(t *testing.T) {

 	compareJSONAsMap(t, expectedResult, doc)
 }
+
+func TestProcessOverlayPatches_InsertIfNotPresentWithConditions(t *testing.T) {
+	overlayRaw := []byte(`
+	{
+		"metadata": {
+		   "annotations": {
+			  "+(cluster-autoscaler.kubernetes.io/safe-to-evict)": true
+		   }
+		},
+		"spec": {
+		   "volumes": [
+			  {
+				 "(emptyDir)": {}
+			  }
+		   ]
+		}
+	 }`)
+
+	resourceRaw := []byte(`
+	{
+		"apiVersion": "v1",
+		"kind": "Pod",
+		"metadata": {
+		   "name": "pod-with-emptydir"
+		},
+		"spec": {
+		   "containers": [
+			  {
+				 "image": "k8s.gcr.io/test-webserver",
+				 "name": "test-container",
+				 "volumeMounts": [
+					{
+					   "mountPath": "/cache",
+					   "name": "cache-volume"
+					}
+				 ]
+			  }
+		   ],
+		   "volumes": [
+			  {
+				 "name": "cache-volume",
+				 "emptyDir": {}
+			  }
+		   ]
+		}
+	 }`)
+
+	var resource, overlay interface{}
+
+	json.Unmarshal(resourceRaw, &resource)
+	json.Unmarshal(overlayRaw, &overlay)
+
+	patches, err := processOverlayPatches(resource, overlay)
+	assert.NilError(t, err)
+	assert.Assert(t, len(patches) != 0)
+
+	doc, err := ApplyPatches(resourceRaw, patches)
+	assert.NilError(t, err)
+
+	expectedResult := []byte(`
+	{
+		"apiVersion": "v1",
+		"kind": "Pod",
+		"metadata": {
+		   "name": "pod-with-emptydir",
+		   "annotations": {
+			  "cluster-autoscaler.kubernetes.io/safe-to-evict": true
+		   }
+		},
+		"spec": {
+		   "containers": [
+			  {
+				 "image": "k8s.gcr.io/test-webserver",
+				 "name": "test-container",
+				 "volumeMounts": [
+					{
+					   "mountPath": "/cache",
+					   "name": "cache-volume"
+					}
+				 ]
+			  }
+		   ],
+		   "volumes": [
+			  {
+				 "name": "cache-volume",
+				 "emptyDir": {}
+			  }
+		   ]
+		}
+	 }`)
+
+	compareJSONAsMap(t, expectedResult, doc)
+}
--- a/test/output/pod-with-emptydir.yaml
+++ b/test/output/pod-with-emptydir.yaml
@ -2,6 +2,8 @@ apiVersion: v1
 kind: Pod
 metadata:
  name: pod-with-emptydir
+  annotations:
+    cluster-autoscaler.kubernetes.io/safe-to-evict: true
 spec:
  containers:
  - image: k8s.gcr.io/test-webserver
--- a/test/scenarios/other/scenario_mutate_validate_qos.yaml
+++ b/test/scenarios/other/scenario_mutate_validate_qos.yaml
@ -16,7 +16,7 @@ expected:
        - name: add-memory-limit
          type: Mutation
          success: true
-          message: succesfully process overlay
+          message: successfully processed overlay
  validation:
    policyresponse:
      policy: policy-qos
--- a/test/scenarios/samples/best_practices/scenario_mutate_safe-to-evict.yaml
+++ b/test/scenarios/samples/best_practices/scenario_mutate_safe-to-evict.yaml
@ -16,4 +16,4 @@ expected:
        - name: add-safe-to-evict-annotation
          type: Mutation
          success: true
-          message: "succesfully processed overlay"
+          message: "successfully processed overlay"