mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-04-08 18:15:48 +00:00
Code Activity

- add status to gr; - add printer column to gr

Browse source
This commit is contained in:
Shuting Zhao 2020-11-18 12:07:25 -08:00
parent c791c2047a
commit 50c72e871f
5 changed files with 185 additions and 77 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

51
charts/kyverno/crds/crds.yaml
View file

@ -1263,13 +1263,34 @@ spec:
kind: GenerateRequest
listKind: GenerateRequestList
plural: generaterequests
shortNames:
- gr
singular: generaterequest
scope: Namespaced
versions:
- name: v1
- additionalPrinterColumns:
- jsonPath: .spec.policy
name: Policy
type: string
- jsonPath: .spec.resource.kind
name: ResourceKind
type: string
- jsonPath: .spec.resource.name
name: ResourceName
type: string
- jsonPath: .spec.resource.namespace
name: ResourceNamespace
type: string
- jsonPath: .status.state
name: status
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: string
name: v1
schema:
openAPIV3Schema:
description: GenerateRequest is a request to process generate rule
description: GenerateRequest is a request to process generate rule.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
@ -1284,31 +1305,31 @@ spec:
metadata:
type: object
spec:
description: Spec is the information to identify the generate request
description: Spec is the information to identify the generate request.
properties:
context:
description: Context ...
properties:
userInfo:
description: RequestInfo contains permission info carried in an
admission request
admission request.
properties:
clusterRoles:
description: ClusterRoles is a list of possible clusterRoles
send the request
send the request.
items:
type: string
nullable: true
type: array
roles:
description: Roles is a list of possible role send the request
description: Roles is a list of possible role send the request.
items:
type: string
nullable: true
type: array
userInfo:
description: UserInfo is the userInfo carried in the admission
request
request.
properties:
extra:
additionalProperties:
@ -1339,11 +1360,11 @@ spec:
type: object
type: object
policy:
description: Specifies the name of the policy
description: Specifies the name of the policy.
type: string
resource:
description: ResourceSpec is the information to identify the generate
request
request.
properties:
apiVersion:
description: APIVersion specifies resource apiVersion.
@ -1364,11 +1385,11 @@ spec:
- resource
type: object
status:
description: Status contains statistics related to generate request
description: Status contains statistics related to generate request.
properties:
generatedResources:
description: This will track the resources that are generated by the
generate Policy Will be used during clean up resources
generate Policy. Will be used during clean up resources.
items:
description: ResourceSpec contains information to identify a resource.
properties:
@ -1387,10 +1408,10 @@ spec:
type: object
type: array
message:
description: Specifies request status message
description: Specifies request status message.
type: string
state:
description: State represents state of the generate request
description: State represents state of the generate request.
type: string
required:
- state
@ -1401,6 +1422,8 @@ spec:
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
@ -2658,4 +2681,4 @@ status:
kind: ""
plural: ""
conditions: []
storedVersions: []
storedVersions: []

49
definitions/crds/kyverno.io_generaterequests.yaml
View file

@ -13,13 +13,34 @@ spec:
kind: GenerateRequest
listKind: GenerateRequestList
plural: generaterequests
shortNames:
- gr
singular: generaterequest
scope: Namespaced
versions:
- name: v1
- additionalPrinterColumns:
- jsonPath: .spec.policy
name: Policy
type: string
- jsonPath: .spec.resource.kind
name: ResourceKind
type: string
- jsonPath: .spec.resource.name
name: ResourceName
type: string
- jsonPath: .spec.resource.namespace
name: ResourceNamespace
type: string
- jsonPath: .status.state
name: status
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: string
name: v1
schema:
openAPIV3Schema:
description: GenerateRequest is a request to process generate rule
description: GenerateRequest is a request to process generate rule.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
@ -34,31 +55,31 @@ spec:
metadata:
type: object
spec:
description: Spec is the information to identify the generate request
description: Spec is the information to identify the generate request.
properties:
context:
description: Context ...
properties:
userInfo:
description: RequestInfo contains permission info carried in an
admission request
admission request.
properties:
clusterRoles:
description: ClusterRoles is a list of possible clusterRoles
send the request
send the request.
items:
type: string
nullable: true
type: array
roles:
description: Roles is a list of possible role send the request
description: Roles is a list of possible role send the request.
items:
type: string
nullable: true
type: array
userInfo:
description: UserInfo is the userInfo carried in the admission
request
request.
properties:
extra:
additionalProperties:
@ -89,11 +110,11 @@ spec:
type: object
type: object
policy:
description: Specifies the name of the policy
description: Specifies the name of the policy.
type: string
resource:
description: ResourceSpec is the information to identify the generate
request
request.
properties:
apiVersion:
description: APIVersion specifies resource apiVersion.
@ -114,11 +135,11 @@ spec:
- resource
type: object
status:
description: Status contains statistics related to generate request
description: Status contains statistics related to generate request.
properties:
generatedResources:
description: This will track the resources that are generated by the
generate Policy Will be used during clean up resources
generate Policy. Will be used during clean up resources.
items:
description: ResourceSpec contains information to identify a resource.
properties:
@ -137,10 +158,10 @@ spec:
type: object
type: array
message:
description: Specifies request status message
description: Specifies request status message.
type: string
state:
description: State represents state of the generate request
description: State represents state of the generate request.
type: string
required:
- state
@ -151,6 +172,8 @@ spec:
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""

51
definitions/install.yaml
View file

@ -1268,13 +1268,34 @@ spec:
kind: GenerateRequest
listKind: GenerateRequestList
plural: generaterequests
shortNames:
- gr
singular: generaterequest
scope: Namespaced
versions:
- name: v1
- additionalPrinterColumns:
- jsonPath: .spec.policy
name: Policy
type: string
- jsonPath: .spec.resource.kind
name: ResourceKind
type: string
- jsonPath: .spec.resource.name
name: ResourceName
type: string
- jsonPath: .spec.resource.namespace
name: ResourceNamespace
type: string
- jsonPath: .status.state
name: status
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: string
name: v1
schema:
openAPIV3Schema:
description: GenerateRequest is a request to process generate rule
description: GenerateRequest is a request to process generate rule.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
@ -1289,31 +1310,31 @@ spec:
metadata:
type: object
spec:
description: Spec is the information to identify the generate request
description: Spec is the information to identify the generate request.
properties:
context:
description: Context ...
properties:
userInfo:
description: RequestInfo contains permission info carried in an
admission request
admission request.
properties:
clusterRoles:
description: ClusterRoles is a list of possible clusterRoles
send the request
send the request.
items:
type: string
nullable: true
type: array
roles:
description: Roles is a list of possible role send the request
description: Roles is a list of possible role send the request.
items:
type: string
nullable: true
type: array
userInfo:
description: UserInfo is the userInfo carried in the admission
request
request.
properties:
extra:
additionalProperties:
@ -1344,11 +1365,11 @@ spec:
type: object
type: object
policy:
description: Specifies the name of the policy
description: Specifies the name of the policy.
type: string
resource:
description: ResourceSpec is the information to identify the generate
request
request.
properties:
apiVersion:
description: APIVersion specifies resource apiVersion.
@ -1369,11 +1390,11 @@ spec:
- resource
type: object
status:
description: Status contains statistics related to generate request
description: Status contains statistics related to generate request.
properties:
generatedResources:
description: This will track the resources that are generated by the
generate Policy Will be used during clean up resources
generate Policy. Will be used during clean up resources.
items:
description: ResourceSpec contains information to identify a resource.
properties:
@ -1392,10 +1413,10 @@ spec:
type: object
type: array
message:
description: Specifies request status message
description: Specifies request status message.
type: string
state:
description: State represents state of the generate request
description: State represents state of the generate request.
type: string
required:
- state
@ -1406,6 +1427,8 @@ spec:
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
@ -3125,4 +3148,4 @@ spec:
runAsUser: 1000
securityContext:
runAsNonRoot: true
serviceAccountName: kyverno-service-account
serviceAccountName: kyverno-service-account

51
definitions/install_debug.yaml
View file

@ -1268,13 +1268,34 @@ spec:
kind: GenerateRequest
listKind: GenerateRequestList
plural: generaterequests
shortNames:
- gr
singular: generaterequest
scope: Namespaced
versions:
- name: v1
- additionalPrinterColumns:
- jsonPath: .spec.policy
name: Policy
type: string
- jsonPath: .spec.resource.kind
name: ResourceKind
type: string
- jsonPath: .spec.resource.name
name: ResourceName
type: string
- jsonPath: .spec.resource.namespace
name: ResourceNamespace
type: string
- jsonPath: .status.state
name: status
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: string
name: v1
schema:
openAPIV3Schema:
description: GenerateRequest is a request to process generate rule
description: GenerateRequest is a request to process generate rule.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
@ -1289,31 +1310,31 @@ spec:
metadata:
type: object
spec:
description: Spec is the information to identify the generate request
description: Spec is the information to identify the generate request.
properties:
context:
description: Context ...
properties:
userInfo:
description: RequestInfo contains permission info carried in an
admission request
admission request.
properties:
clusterRoles:
description: ClusterRoles is a list of possible clusterRoles
send the request
send the request.
items:
type: string
nullable: true
type: array
roles:
description: Roles is a list of possible role send the request
description: Roles is a list of possible role send the request.
items:
type: string
nullable: true
type: array
userInfo:
description: UserInfo is the userInfo carried in the admission
request
request.
properties:
extra:
additionalProperties:
@ -1344,11 +1365,11 @@ spec:
type: object
type: object
policy:
description: Specifies the name of the policy
description: Specifies the name of the policy.
type: string
resource:
description: ResourceSpec is the information to identify the generate
request
request.
properties:
apiVersion:
description: APIVersion specifies resource apiVersion.
@ -1369,11 +1390,11 @@ spec:
- resource
type: object
status:
description: Status contains statistics related to generate request
description: Status contains statistics related to generate request.
properties:
generatedResources:
description: This will track the resources that are generated by the
generate Policy Will be used during clean up resources
generate Policy. Will be used during clean up resources.
items:
description: ResourceSpec contains information to identify a resource.
properties:
@ -1392,10 +1413,10 @@ spec:
type: object
type: array
message:
description: Specifies request status message
description: Specifies request status message.
type: string
state:
description: State represents state of the generate request
description: State represents state of the generate request.
type: string
required:
- state
@ -1406,6 +1427,8 @@ spec:
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
@ -3036,4 +3059,4 @@ spec:
- port: 443
targetPort: https
selector:
app: kyverno
app: kyverno

60
pkg/api/kyverno/v1/generaterequest_types.go
View file

@ -5,79 +5,95 @@ import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
// GenerateRequest is a request to process generate rule.
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
//GenerateRequest is a request to process generate rule
// +kubebuilder:object:root=true
// +kubebuilder:subresource:status
// +kubebuilder:printcolumn:name="Policy",type="string",JSONPath=".spec.policy"
// +kubebuilder:printcolumn:name="ResourceKind",type="string",JSONPath=".spec.resource.kind"
// +kubebuilder:printcolumn:name="ResourceName",type="string",JSONPath=".spec.resource.name"
// +kubebuilder:printcolumn:name="ResourceNamespace",type="string",JSONPath=".spec.resource.namespace"
// +kubebuilder:printcolumn:name="status",type="string",JSONPath=".status.state"
// +kubebuilder:printcolumn:name="Age",type="string",JSONPath=".metadata.creationTimestamp"
// +kubebuilder:resource:shortName=gr
type GenerateRequest struct {
metav1.TypeMeta `json:",inline" yaml:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty" yaml:"metadata,omitempty"`
// Spec is the information to identify the generate request
// Spec is the information to identify the generate request.
Spec GenerateRequestSpec `json:"spec" yaml:"spec"`
// Status contains statistics related to generate request
// Status contains statistics related to generate request.
Status GenerateRequestStatus `json:"status" yaml:"status"`
}
//GenerateRequestSpec stores the request specification
// GenerateRequestSpec stores the request specification.
type GenerateRequestSpec struct {
// Specifies the name of the policy
// Specifies the name of the policy.
Policy string `json:"policy" yaml:"policy"`
// ResourceSpec is the information to identify the generate request
// ResourceSpec is the information to identify the generate request.
Resource ResourceSpec `json:"resource" yaml:"resource"`
// Context ...
Context GenerateRequestContext `json:"context" yaml:"context"`
}
//GenerateRequestContext stores the context to be shared
// GenerateRequestContext stores the context to be shared.
type GenerateRequestContext struct {
// +optional
UserRequestInfo RequestInfo `json:"userInfo,omitempty" yaml:"userInfo,omitempty"`
}
// RequestInfo contains permission info carried in an admission request
// RequestInfo contains permission info carried in an admission request.
type RequestInfo struct {
// Roles is a list of possible role send the request
// Roles is a list of possible role send the request.
// +nullable
// +optional
Roles []string `json:"roles" yaml:"roles"`
// ClusterRoles is a list of possible clusterRoles send the request
// ClusterRoles is a list of possible clusterRoles send the request.
// +nullable
// +optional
ClusterRoles []string `json:"clusterRoles" yaml:"clusterRoles"`
// UserInfo is the userInfo carried in the admission request
// UserInfo is the userInfo carried in the admission request.
// +optional
AdmissionUserInfo authenticationv1.UserInfo `json:"userInfo" yaml:"userInfo"`
}
//GenerateRequestStatus stores the status of generated request
// GenerateRequestStatus stores the status of generated request.
type GenerateRequestStatus struct {
// State represents state of the generate request
// State represents state of the generate request.
State GenerateRequestState `json:"state" yaml:"state"`
// Specifies request status message
// Specifies request status message.
// +optional
Message string `json:"message,omitempty" yaml:"message,omitempty"`
// This will track the resources that are generated by the generate Policy
// Will be used during clean up resources
// This will track the resources that are generated by the generate Policy.
// Will be used during clean up resources.
GeneratedResources []ResourceSpec `json:"generatedResources,omitempty" yaml:"generatedResources,omitempty"`
}
//GenerateRequestState defines the state of
// GenerateRequestState defines the state of request.
type GenerateRequestState string
const (
//Pending - the Request is yet to be processed or resource has not been created
// Pending - the Request is yet to be processed or resource has not been created.
Pending GenerateRequestState = "Pending"
//Failed - the Generate Request Controller failed to process the rules
// Failed - the Generate Request Controller failed to process the rules.
Failed GenerateRequestState = "Failed"
//Completed - the Generate Request Controller created resources defined in the policy
// Completed - the Generate Request Controller created resources defined in the policy.
Completed GenerateRequestState = "Completed"
)
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
//GenerateRequestList stores the list of generate requests
// GenerateRequestList stores the list of generate requests.
type GenerateRequestList struct {
metav1.TypeMeta `json:",inline" yaml:",inline"`
metav1.ListMeta `json:"metadata" yaml:"metadata"`