mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-15 20:20:22 +00:00
chore: make dclient import aliases consistent (#3951)
* chore: make kyverno api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make apimachinery api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make dclient api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
This commit is contained in:
parent
666bcb3c15
commit
5243763674
28 changed files with 76 additions and 74 deletions
|
@ -53,3 +53,5 @@ linters-settings:
|
||||||
alias: $1$2
|
alias: $1$2
|
||||||
- pkg: k8s.io/api/(\w+)/(v[\w\d]+)
|
- pkg: k8s.io/api/(\w+)/(v[\w\d]+)
|
||||||
alias: $1$2
|
alias: $1$2
|
||||||
|
- pkg: github.com/kyverno/kyverno/pkg/dclient
|
||||||
|
alias: dclient
|
||||||
|
|
|
@ -12,7 +12,7 @@ import (
|
||||||
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/common"
|
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/common"
|
||||||
sanitizederror "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/sanitizedError"
|
sanitizederror "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/sanitizedError"
|
||||||
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/store"
|
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/store"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
"github.com/kyverno/kyverno/pkg/openapi"
|
"github.com/kyverno/kyverno/pkg/openapi"
|
||||||
policy2 "github.com/kyverno/kyverno/pkg/policy"
|
policy2 "github.com/kyverno/kyverno/pkg/policy"
|
||||||
"github.com/kyverno/kyverno/pkg/policyreport"
|
"github.com/kyverno/kyverno/pkg/policyreport"
|
||||||
|
@ -170,13 +170,13 @@ func applyCommandHelper(resourcePaths []string, userInfoPath string, cluster boo
|
||||||
return rc, resources, skipInvalidPolicies, pvInfos, sanitizederror.NewWithError("failed to initialize openAPIController", err)
|
return rc, resources, skipInvalidPolicies, pvInfos, sanitizederror.NewWithError("failed to initialize openAPIController", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
var dClient client.Interface
|
var dClient dclient.Interface
|
||||||
if cluster {
|
if cluster {
|
||||||
restConfig, err := kubernetesConfig.ToRESTConfig()
|
restConfig, err := kubernetesConfig.ToRESTConfig()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return rc, resources, skipInvalidPolicies, pvInfos, err
|
return rc, resources, skipInvalidPolicies, pvInfos, err
|
||||||
}
|
}
|
||||||
dClient, err = client.NewClient(restConfig, 15*time.Minute, make(chan struct{}))
|
dClient, err = dclient.NewClient(restConfig, 15*time.Minute, make(chan struct{}))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return rc, resources, skipInvalidPolicies, pvInfos, err
|
return rc, resources, skipInvalidPolicies, pvInfos, err
|
||||||
}
|
}
|
||||||
|
|
|
@ -25,7 +25,7 @@ import (
|
||||||
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/store"
|
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/store"
|
||||||
"github.com/kyverno/kyverno/pkg/autogen"
|
"github.com/kyverno/kyverno/pkg/autogen"
|
||||||
"github.com/kyverno/kyverno/pkg/background/generate"
|
"github.com/kyverno/kyverno/pkg/background/generate"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
"github.com/kyverno/kyverno/pkg/engine/response"
|
"github.com/kyverno/kyverno/pkg/engine/response"
|
||||||
"github.com/kyverno/kyverno/pkg/openapi"
|
"github.com/kyverno/kyverno/pkg/openapi"
|
||||||
policy2 "github.com/kyverno/kyverno/pkg/policy"
|
policy2 "github.com/kyverno/kyverno/pkg/policy"
|
||||||
|
@ -708,7 +708,7 @@ func getFullPath(paths []string, policyResourcePath string, isGit bool) []string
|
||||||
|
|
||||||
func applyPoliciesFromPath(fs billy.Filesystem, policyBytes []byte, isGit bool, policyResourcePath string, rc *resultCounts, openAPIController *openapi.Controller, tf *testFilter) (err error) {
|
func applyPoliciesFromPath(fs billy.Filesystem, policyBytes []byte, isGit bool, policyResourcePath string, rc *resultCounts, openAPIController *openapi.Controller, tf *testFilter) (err error) {
|
||||||
engineResponses := make([]*response.EngineResponse, 0)
|
engineResponses := make([]*response.EngineResponse, 0)
|
||||||
var dClient client.Interface
|
var dClient dclient.Interface
|
||||||
values := &Test{}
|
values := &Test{}
|
||||||
var variablesString string
|
var variablesString string
|
||||||
var pvInfos []policyreport.Info
|
var pvInfos []policyreport.Info
|
||||||
|
|
|
@ -21,7 +21,7 @@ import (
|
||||||
sanitizederror "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/sanitizedError"
|
sanitizederror "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/sanitizedError"
|
||||||
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/store"
|
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/store"
|
||||||
"github.com/kyverno/kyverno/pkg/autogen"
|
"github.com/kyverno/kyverno/pkg/autogen"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
"github.com/kyverno/kyverno/pkg/engine"
|
"github.com/kyverno/kyverno/pkg/engine"
|
||||||
engineContext "github.com/kyverno/kyverno/pkg/engine/context"
|
engineContext "github.com/kyverno/kyverno/pkg/engine/context"
|
||||||
"github.com/kyverno/kyverno/pkg/engine/response"
|
"github.com/kyverno/kyverno/pkg/engine/response"
|
||||||
|
@ -654,7 +654,7 @@ func GetPoliciesFromPaths(fs billy.Filesystem, dirPath []string, isGit bool, pol
|
||||||
|
|
||||||
// GetResourceAccordingToResourcePath - get resources according to the resource path
|
// GetResourceAccordingToResourcePath - get resources according to the resource path
|
||||||
func GetResourceAccordingToResourcePath(fs billy.Filesystem, resourcePaths []string,
|
func GetResourceAccordingToResourcePath(fs billy.Filesystem, resourcePaths []string,
|
||||||
cluster bool, policies []kyvernov1.PolicyInterface, dClient client.Interface, namespace string, policyReport bool, isGit bool, policyResourcePath string,
|
cluster bool, policies []kyvernov1.PolicyInterface, dClient dclient.Interface, namespace string, policyReport bool, isGit bool, policyResourcePath string,
|
||||||
) (resources []*unstructured.Unstructured, err error) {
|
) (resources []*unstructured.Unstructured, err error) {
|
||||||
if isGit {
|
if isGit {
|
||||||
resources, err = GetResourcesWithTest(fs, policies, resourcePaths, isGit, policyResourcePath)
|
resources, err = GetResourcesWithTest(fs, policies, resourcePaths, isGit, policyResourcePath)
|
||||||
|
|
|
@ -12,7 +12,7 @@ import (
|
||||||
"github.com/go-git/go-billy/v5"
|
"github.com/go-git/go-billy/v5"
|
||||||
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
||||||
"github.com/kyverno/kyverno/pkg/autogen"
|
"github.com/kyverno/kyverno/pkg/autogen"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
engineutils "github.com/kyverno/kyverno/pkg/engine/utils"
|
engineutils "github.com/kyverno/kyverno/pkg/engine/utils"
|
||||||
yamlutils "github.com/kyverno/kyverno/pkg/utils/yaml"
|
yamlutils "github.com/kyverno/kyverno/pkg/utils/yaml"
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
||||||
|
@ -26,7 +26,7 @@ import (
|
||||||
// the resources are fetched from
|
// the resources are fetched from
|
||||||
// - local paths to resources, if given
|
// - local paths to resources, if given
|
||||||
// - the k8s cluster, if given
|
// - the k8s cluster, if given
|
||||||
func GetResources(policies []kyvernov1.PolicyInterface, resourcePaths []string, dClient client.Interface, cluster bool, namespace string, policyReport bool) ([]*unstructured.Unstructured, error) {
|
func GetResources(policies []kyvernov1.PolicyInterface, resourcePaths []string, dClient dclient.Interface, cluster bool, namespace string, policyReport bool) ([]*unstructured.Unstructured, error) {
|
||||||
resources := make([]*unstructured.Unstructured, 0)
|
resources := make([]*unstructured.Unstructured, 0)
|
||||||
var err error
|
var err error
|
||||||
resourceTypesMap := make(map[string]bool)
|
resourceTypesMap := make(map[string]bool)
|
||||||
|
@ -59,7 +59,7 @@ func GetResources(policies []kyvernov1.PolicyInterface, resourcePaths []string,
|
||||||
return resources, err
|
return resources, err
|
||||||
}
|
}
|
||||||
|
|
||||||
func whenClusterIsTrue(resourceTypes []string, dClient client.Interface, namespace string, resourcePaths []string, policyReport bool) ([]*unstructured.Unstructured, error) {
|
func whenClusterIsTrue(resourceTypes []string, dClient dclient.Interface, namespace string, resourcePaths []string, policyReport bool) ([]*unstructured.Unstructured, error) {
|
||||||
resources := make([]*unstructured.Unstructured, 0)
|
resources := make([]*unstructured.Unstructured, 0)
|
||||||
resourceMap, err := getResourcesOfTypeFromCluster(resourceTypes, dClient, namespace)
|
resourceMap, err := getResourcesOfTypeFromCluster(resourceTypes, dClient, namespace)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -186,7 +186,7 @@ func GetResource(resourceBytes []byte) ([]*unstructured.Unstructured, error) {
|
||||||
return resources, nil
|
return resources, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func getResourcesOfTypeFromCluster(resourceTypes []string, dClient client.Interface, namespace string) (map[string]*unstructured.Unstructured, error) {
|
func getResourcesOfTypeFromCluster(resourceTypes []string, dClient dclient.Interface, namespace string) (map[string]*unstructured.Unstructured, error) {
|
||||||
r := make(map[string]*unstructured.Unstructured)
|
r := make(map[string]*unstructured.Unstructured)
|
||||||
|
|
||||||
for _, kind := range resourceTypes {
|
for _, kind := range resourceTypes {
|
||||||
|
|
|
@ -13,7 +13,7 @@ import (
|
||||||
kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1"
|
kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1"
|
||||||
kyvernoclient "github.com/kyverno/kyverno/pkg/client/clientset/versioned"
|
kyvernoclient "github.com/kyverno/kyverno/pkg/client/clientset/versioned"
|
||||||
"github.com/kyverno/kyverno/pkg/config"
|
"github.com/kyverno/kyverno/pkg/config"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
engineUtils "github.com/kyverno/kyverno/pkg/engine/utils"
|
engineUtils "github.com/kyverno/kyverno/pkg/engine/utils"
|
||||||
"github.com/kyverno/kyverno/pkg/leaderelection"
|
"github.com/kyverno/kyverno/pkg/leaderelection"
|
||||||
"github.com/kyverno/kyverno/pkg/policyreport"
|
"github.com/kyverno/kyverno/pkg/policyreport"
|
||||||
|
@ -82,7 +82,7 @@ func main() {
|
||||||
|
|
||||||
// DYNAMIC CLIENT
|
// DYNAMIC CLIENT
|
||||||
// - client for all registered resources
|
// - client for all registered resources
|
||||||
client, err := client.NewClient(clientConfig, 15*time.Minute, stopCh)
|
client, err := dclient.NewClient(clientConfig, 15*time.Minute, stopCh)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
setupLog.Error(err, "Failed to create client")
|
setupLog.Error(err, "Failed to create client")
|
||||||
os.Exit(1)
|
os.Exit(1)
|
||||||
|
@ -203,7 +203,7 @@ func acquireLeader(ctx context.Context, kubeClient kubernetes.Interface) error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
func executeRequest(client client.Interface, kyvernoclient kyvernoclient.Interface, req request) error {
|
func executeRequest(client dclient.Interface, kyvernoclient kyvernoclient.Interface, req request) error {
|
||||||
switch req.kind {
|
switch req.kind {
|
||||||
case policyReportKind:
|
case policyReportKind:
|
||||||
return removePolicyReport(client, req.kind)
|
return removePolicyReport(client, req.kind)
|
||||||
|
@ -253,7 +253,7 @@ func gen(done <-chan struct{}, stopCh <-chan struct{}, requests ...request) <-ch
|
||||||
}
|
}
|
||||||
|
|
||||||
// processes the requests
|
// processes the requests
|
||||||
func process(client client.Interface, kyvernoclient kyvernoclient.Interface, done <-chan struct{}, stopCh <-chan struct{}, requests <-chan request) <-chan error {
|
func process(client dclient.Interface, kyvernoclient kyvernoclient.Interface, done <-chan struct{}, stopCh <-chan struct{}, requests <-chan request) <-chan error {
|
||||||
logger := log.Log.WithName("process")
|
logger := log.Log.WithName("process")
|
||||||
out := make(chan error)
|
out := make(chan error)
|
||||||
go func() {
|
go func() {
|
||||||
|
@ -307,7 +307,7 @@ func merge(done <-chan struct{}, stopCh <-chan struct{}, processes ...<-chan err
|
||||||
return out
|
return out
|
||||||
}
|
}
|
||||||
|
|
||||||
func removeClusterPolicyReport(client client.Interface, kind string) error {
|
func removeClusterPolicyReport(client dclient.Interface, kind string) error {
|
||||||
logger := log.Log.WithName("removeClusterPolicyReport")
|
logger := log.Log.WithName("removeClusterPolicyReport")
|
||||||
|
|
||||||
cpolrs, err := client.ListResource("", kind, "", policyreport.LabelSelector)
|
cpolrs, err := client.ListResource("", kind, "", policyreport.LabelSelector)
|
||||||
|
@ -322,7 +322,7 @@ func removeClusterPolicyReport(client client.Interface, kind string) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func removePolicyReport(client client.Interface, kind string) error {
|
func removePolicyReport(client dclient.Interface, kind string) error {
|
||||||
logger := log.Log.WithName("removePolicyReport")
|
logger := log.Log.WithName("removePolicyReport")
|
||||||
|
|
||||||
polrs, err := client.ListResource("", kind, metav1.NamespaceAll, policyreport.LabelSelector)
|
polrs, err := client.ListResource("", kind, metav1.NamespaceAll, policyreport.LabelSelector)
|
||||||
|
@ -338,7 +338,7 @@ func removePolicyReport(client client.Interface, kind string) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func addClusterPolicyReportSelectorLabel(client client.Interface) {
|
func addClusterPolicyReportSelectorLabel(client dclient.Interface) {
|
||||||
logger := log.Log.WithName("addClusterPolicyReportSelectorLabel")
|
logger := log.Log.WithName("addClusterPolicyReportSelectorLabel")
|
||||||
|
|
||||||
cpolrs, err := client.ListResource("", clusterPolicyReportKind, "", updateLabelSelector)
|
cpolrs, err := client.ListResource("", clusterPolicyReportKind, "", updateLabelSelector)
|
||||||
|
@ -354,7 +354,7 @@ func addClusterPolicyReportSelectorLabel(client client.Interface) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func addPolicyReportSelectorLabel(client client.Interface) {
|
func addPolicyReportSelectorLabel(client dclient.Interface) {
|
||||||
logger := log.Log.WithName("addPolicyReportSelectorLabel")
|
logger := log.Log.WithName("addPolicyReportSelectorLabel")
|
||||||
|
|
||||||
polrs, err := client.ListResource("", policyReportKind, metav1.NamespaceAll, updateLabelSelector)
|
polrs, err := client.ListResource("", policyReportKind, metav1.NamespaceAll, updateLabelSelector)
|
||||||
|
@ -370,7 +370,7 @@ func addPolicyReportSelectorLabel(client client.Interface) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func removeReportChangeRequest(client client.Interface, kind string) error {
|
func removeReportChangeRequest(client dclient.Interface, kind string) error {
|
||||||
logger := log.Log.WithName("removeReportChangeRequest")
|
logger := log.Log.WithName("removeReportChangeRequest")
|
||||||
|
|
||||||
ns := config.KyvernoNamespace()
|
ns := config.KyvernoNamespace()
|
||||||
|
@ -387,7 +387,7 @@ func removeReportChangeRequest(client client.Interface, kind string) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func removeClusterReportChangeRequest(client client.Interface, kind string) error {
|
func removeClusterReportChangeRequest(client dclient.Interface, kind string) error {
|
||||||
crcrList, err := client.ListResource("", kind, "", nil)
|
crcrList, err := client.ListResource("", kind, "", nil)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Log.Error(err, "failed to list clusterReportChangeRequest")
|
log.Log.Error(err, "failed to list clusterReportChangeRequest")
|
||||||
|
@ -400,7 +400,7 @@ func removeClusterReportChangeRequest(client client.Interface, kind string) erro
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func deleteResource(client client.Interface, apiversion, kind, ns, name string) {
|
func deleteResource(client dclient.Interface, apiversion, kind, ns, name string) {
|
||||||
err := client.DeleteResource(apiversion, kind, ns, name, false)
|
err := client.DeleteResource(apiversion, kind, ns, name, false)
|
||||||
if err != nil && !errors.IsNotFound(err) {
|
if err != nil && !errors.IsNotFound(err) {
|
||||||
log.Log.Error(err, "failed to delete resource", "kind", kind, "name", name)
|
log.Log.Error(err, "failed to delete resource", "kind", kind, "name", name)
|
||||||
|
@ -410,7 +410,7 @@ func deleteResource(client client.Interface, apiversion, kind, ns, name string)
|
||||||
log.Log.Info("successfully cleaned up resource", "kind", kind, "name", name)
|
log.Log.Info("successfully cleaned up resource", "kind", kind, "name", name)
|
||||||
}
|
}
|
||||||
|
|
||||||
func addSelectorLabel(client client.Interface, apiversion, kind, ns, name string) {
|
func addSelectorLabel(client dclient.Interface, apiversion, kind, ns, name string) {
|
||||||
res, err := client.GetResource(apiversion, kind, ns, name)
|
res, err := client.GetResource(apiversion, kind, ns, name)
|
||||||
if err != nil && !errors.IsNotFound(err) {
|
if err != nil && !errors.IsNotFound(err) {
|
||||||
log.Log.Error(err, "failed to get resource", "kind", kind, "name", name)
|
log.Log.Error(err, "failed to get resource", "kind", kind, "name", name)
|
||||||
|
|
|
@ -4,7 +4,7 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"reflect"
|
"reflect"
|
||||||
|
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
authorizationv1 "k8s.io/api/authorization/v1"
|
authorizationv1 "k8s.io/api/authorization/v1"
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
||||||
"k8s.io/apimachinery/pkg/runtime/schema"
|
"k8s.io/apimachinery/pkg/runtime/schema"
|
||||||
|
@ -15,11 +15,11 @@ type CanIOptions struct {
|
||||||
namespace string
|
namespace string
|
||||||
verb string
|
verb string
|
||||||
kind string
|
kind string
|
||||||
client client.Interface
|
client dclient.Interface
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewCanI returns a new instance of operation access controller evaluator
|
// NewCanI returns a new instance of operation access controller evaluator
|
||||||
func NewCanI(client client.Interface, kind, namespace, verb string) *CanIOptions {
|
func NewCanI(client dclient.Interface, kind, namespace, verb string) *CanIOptions {
|
||||||
return &CanIOptions{
|
return &CanIOptions{
|
||||||
namespace: namespace,
|
namespace: namespace,
|
||||||
kind: kind,
|
kind: kind,
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
package client
|
package dclient
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
package client
|
package dclient
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
package client
|
package dclient
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
package client
|
package dclient
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"testing"
|
"testing"
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
package client
|
package dclient
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
package client
|
package dclient
|
||||||
|
|
||||||
import "sigs.k8s.io/controller-runtime/pkg/log"
|
import "sigs.k8s.io/controller-runtime/pkg/log"
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
package client
|
package dclient
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"k8s.io/apimachinery/pkg/runtime"
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
package client
|
package dclient
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"strings"
|
"strings"
|
||||||
|
|
|
@ -3,7 +3,7 @@ package engine
|
||||||
import (
|
import (
|
||||||
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
||||||
kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1"
|
kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
"github.com/kyverno/kyverno/pkg/engine/context"
|
"github.com/kyverno/kyverno/pkg/engine/context"
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
||||||
)
|
)
|
||||||
|
@ -26,7 +26,7 @@ type PolicyContext struct {
|
||||||
AdmissionInfo kyvernov1beta1.RequestInfo
|
AdmissionInfo kyvernov1beta1.RequestInfo
|
||||||
|
|
||||||
// Dynamic client - used for api lookups
|
// Dynamic client - used for api lookups
|
||||||
Client client.Interface
|
Client dclient.Interface
|
||||||
|
|
||||||
// Config handler
|
// Config handler
|
||||||
ExcludeGroupRole []string
|
ExcludeGroupRole []string
|
||||||
|
|
|
@ -7,7 +7,7 @@ import (
|
||||||
"github.com/kyverno/kyverno/pkg/client/clientset/versioned/scheme"
|
"github.com/kyverno/kyverno/pkg/client/clientset/versioned/scheme"
|
||||||
kyvernoinformer "github.com/kyverno/kyverno/pkg/client/informers/externalversions/kyverno/v1"
|
kyvernoinformer "github.com/kyverno/kyverno/pkg/client/informers/externalversions/kyverno/v1"
|
||||||
kyvernolister "github.com/kyverno/kyverno/pkg/client/listers/kyverno/v1"
|
kyvernolister "github.com/kyverno/kyverno/pkg/client/listers/kyverno/v1"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
corev1 "k8s.io/api/core/v1"
|
corev1 "k8s.io/api/core/v1"
|
||||||
errors "k8s.io/apimachinery/pkg/api/errors"
|
errors "k8s.io/apimachinery/pkg/api/errors"
|
||||||
"k8s.io/apimachinery/pkg/runtime"
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
@ -21,7 +21,7 @@ import (
|
||||||
|
|
||||||
// Generator generate events
|
// Generator generate events
|
||||||
type Generator struct {
|
type Generator struct {
|
||||||
client client.Interface
|
client dclient.Interface
|
||||||
// list/get cluster policy
|
// list/get cluster policy
|
||||||
cpLister kyvernolister.ClusterPolicyLister
|
cpLister kyvernolister.ClusterPolicyLister
|
||||||
// list/get policy
|
// list/get policy
|
||||||
|
@ -46,7 +46,7 @@ type Interface interface {
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewEventGenerator to generate a new event controller
|
// NewEventGenerator to generate a new event controller
|
||||||
func NewEventGenerator(client client.Interface, cpInformer kyvernoinformer.ClusterPolicyInformer, pInformer kyvernoinformer.PolicyInformer, log logr.Logger) *Generator {
|
func NewEventGenerator(client dclient.Interface, cpInformer kyvernoinformer.ClusterPolicyInformer, pInformer kyvernoinformer.PolicyInformer, log logr.Logger) *Generator {
|
||||||
gen := Generator{
|
gen := Generator{
|
||||||
client: client,
|
client: client,
|
||||||
cpLister: cpInformer.Lister(),
|
cpLister: cpInformer.Lister(),
|
||||||
|
@ -65,7 +65,7 @@ func rateLimiter() workqueue.RateLimiter {
|
||||||
return workqueue.DefaultItemBasedRateLimiter()
|
return workqueue.DefaultItemBasedRateLimiter()
|
||||||
}
|
}
|
||||||
|
|
||||||
func initRecorder(client client.Interface, eventSource Source, log logr.Logger) record.EventRecorder {
|
func initRecorder(client dclient.Interface, eventSource Source, log logr.Logger) record.EventRecorder {
|
||||||
// Initialize Event Broadcaster
|
// Initialize Event Broadcaster
|
||||||
err := scheme.AddToScheme(scheme.Scheme)
|
err := scheme.AddToScheme(scheme.Scheme)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
@ -9,7 +9,7 @@ import (
|
||||||
|
|
||||||
"github.com/googleapis/gnostic/compiler"
|
"github.com/googleapis/gnostic/compiler"
|
||||||
openapiv2 "github.com/googleapis/gnostic/openapiv2"
|
openapiv2 "github.com/googleapis/gnostic/openapiv2"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
"gopkg.in/yaml.v3"
|
"gopkg.in/yaml.v3"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
@ -20,7 +20,7 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
type crdSync struct {
|
type crdSync struct {
|
||||||
client client.Interface
|
client dclient.Interface
|
||||||
controller *Controller
|
controller *Controller
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -52,7 +52,7 @@ var crdDefinitionNew struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewCRDSync ...
|
// NewCRDSync ...
|
||||||
func NewCRDSync(client client.Interface, controller *Controller) *crdSync {
|
func NewCRDSync(client dclient.Interface, controller *Controller) *crdSync {
|
||||||
if controller == nil {
|
if controller == nil {
|
||||||
panic(fmt.Errorf("nil controller sent into crd sync"))
|
panic(fmt.Errorf("nil controller sent into crd sync"))
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,7 +9,7 @@ import (
|
||||||
jsonpatch "github.com/evanphx/json-patch/v5"
|
jsonpatch "github.com/evanphx/json-patch/v5"
|
||||||
"github.com/go-logr/logr"
|
"github.com/go-logr/logr"
|
||||||
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
"github.com/kyverno/kyverno/pkg/engine"
|
"github.com/kyverno/kyverno/pkg/engine"
|
||||||
"github.com/kyverno/kyverno/pkg/engine/context"
|
"github.com/kyverno/kyverno/pkg/engine/context"
|
||||||
"github.com/kyverno/kyverno/pkg/engine/response"
|
"github.com/kyverno/kyverno/pkg/engine/response"
|
||||||
|
@ -20,7 +20,7 @@ import (
|
||||||
// applyPolicy applies policy on a resource
|
// applyPolicy applies policy on a resource
|
||||||
func applyPolicy(policy kyvernov1.PolicyInterface, resource unstructured.Unstructured,
|
func applyPolicy(policy kyvernov1.PolicyInterface, resource unstructured.Unstructured,
|
||||||
logger logr.Logger, excludeGroupRole []string,
|
logger logr.Logger, excludeGroupRole []string,
|
||||||
client client.Interface, namespaceLabels map[string]string,
|
client dclient.Interface, namespaceLabels map[string]string,
|
||||||
) (responses []*response.EngineResponse) {
|
) (responses []*response.EngineResponse) {
|
||||||
startTime := time.Now()
|
startTime := time.Now()
|
||||||
defer func() {
|
defer func() {
|
||||||
|
|
|
@ -21,7 +21,7 @@ import (
|
||||||
kyvernolister "github.com/kyverno/kyverno/pkg/client/listers/kyverno/v1"
|
kyvernolister "github.com/kyverno/kyverno/pkg/client/listers/kyverno/v1"
|
||||||
urkyvernolister "github.com/kyverno/kyverno/pkg/client/listers/kyverno/v1beta1"
|
urkyvernolister "github.com/kyverno/kyverno/pkg/client/listers/kyverno/v1beta1"
|
||||||
"github.com/kyverno/kyverno/pkg/config"
|
"github.com/kyverno/kyverno/pkg/config"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
"github.com/kyverno/kyverno/pkg/event"
|
"github.com/kyverno/kyverno/pkg/event"
|
||||||
"github.com/kyverno/kyverno/pkg/metrics"
|
"github.com/kyverno/kyverno/pkg/metrics"
|
||||||
"github.com/kyverno/kyverno/pkg/policyreport"
|
"github.com/kyverno/kyverno/pkg/policyreport"
|
||||||
|
@ -53,7 +53,7 @@ const (
|
||||||
// PolicyController is responsible for synchronizing Policy objects stored
|
// PolicyController is responsible for synchronizing Policy objects stored
|
||||||
// in the system with the corresponding policy violations
|
// in the system with the corresponding policy violations
|
||||||
type PolicyController struct {
|
type PolicyController struct {
|
||||||
client client.Interface
|
client dclient.Interface
|
||||||
kyvernoClient kyvernoclient.Interface
|
kyvernoClient kyvernoclient.Interface
|
||||||
pInformer kyvernoinformer.ClusterPolicyInformer
|
pInformer kyvernoinformer.ClusterPolicyInformer
|
||||||
npInformer kyvernoinformer.PolicyInformer
|
npInformer kyvernoinformer.PolicyInformer
|
||||||
|
@ -98,7 +98,7 @@ type PolicyController struct {
|
||||||
func NewPolicyController(
|
func NewPolicyController(
|
||||||
kubeClient kubernetes.Interface,
|
kubeClient kubernetes.Interface,
|
||||||
kyvernoClient kyvernoclient.Interface,
|
kyvernoClient kyvernoclient.Interface,
|
||||||
client client.Interface,
|
client dclient.Interface,
|
||||||
pInformer kyvernoinformer.ClusterPolicyInformer,
|
pInformer kyvernoinformer.ClusterPolicyInformer,
|
||||||
npInformer kyvernoinformer.PolicyInformer,
|
npInformer kyvernoinformer.PolicyInformer,
|
||||||
urInformer urkyvernoinformer.UpdateRequestInformer,
|
urInformer urkyvernoinformer.UpdateRequestInformer,
|
||||||
|
@ -504,7 +504,7 @@ func (pc *PolicyController) getPolicy(key string) (policy kyvernov1.PolicyInterf
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
func generateTriggers(client client.Interface, rule kyvernov1.Rule, log logr.Logger) []*unstructured.Unstructured {
|
func generateTriggers(client dclient.Interface, rule kyvernov1.Rule, log logr.Logger) []*unstructured.Unstructured {
|
||||||
list := &unstructured.UnstructuredList{}
|
list := &unstructured.UnstructuredList{}
|
||||||
|
|
||||||
kinds := fetchUniqueKinds(rule)
|
kinds := fetchUniqueKinds(rule)
|
||||||
|
|
|
@ -12,7 +12,7 @@ import (
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
"github.com/kyverno/kyverno/pkg/engine"
|
"github.com/kyverno/kyverno/pkg/engine"
|
||||||
"github.com/kyverno/kyverno/pkg/engine/context"
|
"github.com/kyverno/kyverno/pkg/engine/context"
|
||||||
"github.com/kyverno/kyverno/pkg/engine/response"
|
"github.com/kyverno/kyverno/pkg/engine/response"
|
||||||
|
@ -203,12 +203,12 @@ func runTestCase(t *testing.T, tc TestCase) bool {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
func createNamespace(client client.Interface, ns *unstructured.Unstructured) error {
|
func createNamespace(client dclient.Interface, ns *unstructured.Unstructured) error {
|
||||||
_, err := client.CreateResource("", "Namespace", "", ns, false)
|
_, err := client.CreateResource("", "Namespace", "", ns, false)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
func validateGeneratedResources(t *testing.T, client client.Interface, policy kyvernov1.ClusterPolicy, namespace string, expected []kyvernov1.ResourceSpec) {
|
func validateGeneratedResources(t *testing.T, client dclient.Interface, policy kyvernov1.ClusterPolicy, namespace string, expected []kyvernov1.ResourceSpec) {
|
||||||
t.Helper()
|
t.Helper()
|
||||||
t.Log("--validate if resources are generated---")
|
t.Log("--validate if resources are generated---")
|
||||||
// list of expected generated resources
|
// list of expected generated resources
|
||||||
|
@ -357,7 +357,7 @@ func loadPolicyResource(t *testing.T, file string) *unstructured.Unstructured {
|
||||||
return resources[0]
|
return resources[0]
|
||||||
}
|
}
|
||||||
|
|
||||||
func getClient(t *testing.T, files []string) client.Interface {
|
func getClient(t *testing.T, files []string) dclient.Interface {
|
||||||
t.Helper()
|
t.Helper()
|
||||||
var objects []k8sRuntime.Object
|
var objects []k8sRuntime.Object
|
||||||
for _, file := range files {
|
for _, file := range files {
|
||||||
|
@ -366,14 +366,14 @@ func getClient(t *testing.T, files []string) client.Interface {
|
||||||
// create mock client
|
// create mock client
|
||||||
scheme := k8sRuntime.NewScheme()
|
scheme := k8sRuntime.NewScheme()
|
||||||
// mock client expects the resource to be as runtime.Object
|
// mock client expects the resource to be as runtime.Object
|
||||||
c, err := client.NewMockClient(scheme, nil, objects...)
|
c, err := dclient.NewMockClient(scheme, nil, objects...)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Errorf("failed to create client. %v", err)
|
t.Errorf("failed to create client. %v", err)
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
// get GVR from GVK
|
// get GVR from GVK
|
||||||
gvrs := getGVRForResources(objects)
|
gvrs := getGVRForResources(objects)
|
||||||
c.SetDiscovery(client.NewFakeDiscoveryClient(gvrs))
|
c.SetDiscovery(dclient.NewFakeDiscoveryClient(gvrs))
|
||||||
t.Log("created mock client with pre-loaded resources")
|
t.Log("created mock client with pre-loaded resources")
|
||||||
return c
|
return c
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,7 +9,7 @@ import (
|
||||||
"github.com/go-logr/logr"
|
"github.com/go-logr/logr"
|
||||||
wildcard "github.com/kyverno/go-wildcard"
|
wildcard "github.com/kyverno/go-wildcard"
|
||||||
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
engineutils "github.com/kyverno/kyverno/pkg/engine/utils"
|
engineutils "github.com/kyverno/kyverno/pkg/engine/utils"
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
admissionv1 "k8s.io/api/admission/v1"
|
admissionv1 "k8s.io/api/admission/v1"
|
||||||
|
@ -99,7 +99,7 @@ func compareString(str, name string) bool {
|
||||||
}
|
}
|
||||||
|
|
||||||
// CRDsInstalled checks if the Kyverno CRDs are installed or not
|
// CRDsInstalled checks if the Kyverno CRDs are installed or not
|
||||||
func CRDsInstalled(discovery client.IDiscovery) bool {
|
func CRDsInstalled(discovery dclient.IDiscovery) bool {
|
||||||
kyvernoCRDs := []string{"ClusterPolicy", "ClusterPolicyReport", "PolicyReport", "ClusterReportChangeRequest", "ReportChangeRequest"}
|
kyvernoCRDs := []string{"ClusterPolicy", "ClusterPolicyReport", "PolicyReport", "ClusterReportChangeRequest", "ReportChangeRequest"}
|
||||||
for _, crd := range kyvernoCRDs {
|
for _, crd := range kyvernoCRDs {
|
||||||
if !isCRDInstalled(discovery, crd) {
|
if !isCRDInstalled(discovery, crd) {
|
||||||
|
@ -110,7 +110,7 @@ func CRDsInstalled(discovery client.IDiscovery) bool {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
func isCRDInstalled(discoveryClient client.IDiscovery, kind string) bool {
|
func isCRDInstalled(discoveryClient dclient.IDiscovery, kind string) bool {
|
||||||
gvr, err := discoveryClient.GetGVRFromKind(kind)
|
gvr, err := discoveryClient.GetGVRFromKind(kind)
|
||||||
if gvr.Empty() {
|
if gvr.Empty() {
|
||||||
if err == nil {
|
if err == nil {
|
||||||
|
|
|
@ -15,7 +15,7 @@ import (
|
||||||
kyvernoinformer "github.com/kyverno/kyverno/pkg/client/informers/externalversions/kyverno/v1"
|
kyvernoinformer "github.com/kyverno/kyverno/pkg/client/informers/externalversions/kyverno/v1"
|
||||||
kyvernolister "github.com/kyverno/kyverno/pkg/client/listers/kyverno/v1"
|
kyvernolister "github.com/kyverno/kyverno/pkg/client/listers/kyverno/v1"
|
||||||
"github.com/kyverno/kyverno/pkg/config"
|
"github.com/kyverno/kyverno/pkg/config"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
"github.com/kyverno/kyverno/pkg/utils"
|
"github.com/kyverno/kyverno/pkg/utils"
|
||||||
kubeutils "github.com/kyverno/kyverno/pkg/utils/kube"
|
kubeutils "github.com/kyverno/kyverno/pkg/utils/kube"
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
|
@ -39,7 +39,7 @@ var DefaultWebhookTimeout int32 = 10
|
||||||
// it is NOT multi-thread safe
|
// it is NOT multi-thread safe
|
||||||
type webhookConfigManager struct {
|
type webhookConfigManager struct {
|
||||||
// clients
|
// clients
|
||||||
discoveryClient client.IDiscovery
|
discoveryClient dclient.IDiscovery
|
||||||
kubeClient kubernetes.Interface
|
kubeClient kubernetes.Interface
|
||||||
kyvernoClient kyvernoclient.Interface
|
kyvernoClient kyvernoclient.Interface
|
||||||
|
|
||||||
|
@ -77,7 +77,7 @@ type manage interface {
|
||||||
}
|
}
|
||||||
|
|
||||||
func newWebhookConfigManager(
|
func newWebhookConfigManager(
|
||||||
discoveryClient client.IDiscovery,
|
discoveryClient dclient.IDiscovery,
|
||||||
kubeClient kubernetes.Interface,
|
kubeClient kubernetes.Interface,
|
||||||
kyvernoClient kyvernoclient.Interface,
|
kyvernoClient kyvernoclient.Interface,
|
||||||
pInformer kyvernoinformer.ClusterPolicyInformer,
|
pInformer kyvernoinformer.ClusterPolicyInformer,
|
||||||
|
|
|
@ -13,7 +13,7 @@ import (
|
||||||
kyvernoclient "github.com/kyverno/kyverno/pkg/client/clientset/versioned"
|
kyvernoclient "github.com/kyverno/kyverno/pkg/client/clientset/versioned"
|
||||||
kyvernoinformer "github.com/kyverno/kyverno/pkg/client/informers/externalversions/kyverno/v1"
|
kyvernoinformer "github.com/kyverno/kyverno/pkg/client/informers/externalversions/kyverno/v1"
|
||||||
"github.com/kyverno/kyverno/pkg/config"
|
"github.com/kyverno/kyverno/pkg/config"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
"github.com/kyverno/kyverno/pkg/utils"
|
"github.com/kyverno/kyverno/pkg/utils"
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
admissionregistrationv1 "k8s.io/api/admissionregistration/v1"
|
admissionregistrationv1 "k8s.io/api/admissionregistration/v1"
|
||||||
|
@ -66,7 +66,7 @@ type Register struct {
|
||||||
// NewRegister creates new Register instance
|
// NewRegister creates new Register instance
|
||||||
func NewRegister(
|
func NewRegister(
|
||||||
clientConfig *rest.Config,
|
clientConfig *rest.Config,
|
||||||
client client.Interface,
|
client dclient.Interface,
|
||||||
kubeClient kubernetes.Interface,
|
kubeClient kubernetes.Interface,
|
||||||
kyvernoClient kyvernoclient.Interface,
|
kyvernoClient kyvernoclient.Interface,
|
||||||
mwcInformer adminformers.MutatingWebhookConfigurationInformer,
|
mwcInformer adminformers.MutatingWebhookConfigurationInformer,
|
||||||
|
|
|
@ -6,7 +6,7 @@ import (
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/go-logr/logr"
|
"github.com/go-logr/logr"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
"github.com/kyverno/kyverno/pkg/openapi"
|
"github.com/kyverno/kyverno/pkg/openapi"
|
||||||
policyvalidate "github.com/kyverno/kyverno/pkg/policy"
|
policyvalidate "github.com/kyverno/kyverno/pkg/policy"
|
||||||
"github.com/kyverno/kyverno/pkg/policymutation"
|
"github.com/kyverno/kyverno/pkg/policymutation"
|
||||||
|
@ -16,11 +16,11 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
type handlers struct {
|
type handlers struct {
|
||||||
client client.Interface
|
client dclient.Interface
|
||||||
openAPIController *openapi.Controller
|
openAPIController *openapi.Controller
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewHandlers(client client.Interface, openAPIController *openapi.Controller) webhooks.Handlers {
|
func NewHandlers(client dclient.Interface, openAPIController *openapi.Controller) webhooks.Handlers {
|
||||||
return &handlers{
|
return &handlers{
|
||||||
client: client,
|
client: client,
|
||||||
openAPIController: openAPIController,
|
openAPIController: openAPIController,
|
||||||
|
|
|
@ -13,7 +13,7 @@ import (
|
||||||
urlister "github.com/kyverno/kyverno/pkg/client/listers/kyverno/v1beta1"
|
urlister "github.com/kyverno/kyverno/pkg/client/listers/kyverno/v1beta1"
|
||||||
"github.com/kyverno/kyverno/pkg/common"
|
"github.com/kyverno/kyverno/pkg/common"
|
||||||
"github.com/kyverno/kyverno/pkg/config"
|
"github.com/kyverno/kyverno/pkg/config"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
"github.com/kyverno/kyverno/pkg/engine"
|
"github.com/kyverno/kyverno/pkg/engine"
|
||||||
enginectx "github.com/kyverno/kyverno/pkg/engine/context"
|
enginectx "github.com/kyverno/kyverno/pkg/engine/context"
|
||||||
"github.com/kyverno/kyverno/pkg/engine/response"
|
"github.com/kyverno/kyverno/pkg/engine/response"
|
||||||
|
@ -40,7 +40,7 @@ import (
|
||||||
|
|
||||||
type handlers struct {
|
type handlers struct {
|
||||||
// clients
|
// clients
|
||||||
client client.Interface
|
client dclient.Interface
|
||||||
kyvernoClient kyvernoclient.Interface
|
kyvernoClient kyvernoclient.Interface
|
||||||
|
|
||||||
// config
|
// config
|
||||||
|
@ -65,7 +65,7 @@ type handlers struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewHandlers(
|
func NewHandlers(
|
||||||
client client.Interface,
|
client dclient.Interface,
|
||||||
kyvernoClient kyvernoclient.Interface,
|
kyvernoClient kyvernoclient.Interface,
|
||||||
configuration config.Configuration,
|
configuration config.Configuration,
|
||||||
promConfig *metrics.PromConfig,
|
promConfig *metrics.PromConfig,
|
||||||
|
|
|
@ -10,7 +10,7 @@ import (
|
||||||
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
||||||
kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1"
|
kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1"
|
||||||
"github.com/kyverno/kyverno/pkg/autogen"
|
"github.com/kyverno/kyverno/pkg/autogen"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
"github.com/kyverno/kyverno/pkg/engine"
|
"github.com/kyverno/kyverno/pkg/engine"
|
||||||
enginectx "github.com/kyverno/kyverno/pkg/engine/context"
|
enginectx "github.com/kyverno/kyverno/pkg/engine/context"
|
||||||
"github.com/kyverno/kyverno/pkg/engine/response"
|
"github.com/kyverno/kyverno/pkg/engine/response"
|
||||||
|
@ -222,7 +222,7 @@ func hasAnnotations(context *engine.PolicyContext) bool {
|
||||||
return len(annotations) != 0
|
return len(annotations) != 0
|
||||||
}
|
}
|
||||||
|
|
||||||
func getGeneratedByResource(newRes *unstructured.Unstructured, resLabels map[string]string, client client.Interface, rule kyvernov1.Rule, logger logr.Logger) (kyvernov1.Rule, error) {
|
func getGeneratedByResource(newRes *unstructured.Unstructured, resLabels map[string]string, client dclient.Interface, rule kyvernov1.Rule, logger logr.Logger) (kyvernov1.Rule, error) {
|
||||||
var apiVersion, kind, name, namespace string
|
var apiVersion, kind, name, namespace string
|
||||||
sourceRequest := &admissionv1.AdmissionRequest{}
|
sourceRequest := &admissionv1.AdmissionRequest{}
|
||||||
kind = resLabels["kyverno.io/generated-by-kind"]
|
kind = resLabels["kyverno.io/generated-by-kind"]
|
||||||
|
|
|
@ -8,7 +8,7 @@ import (
|
||||||
"github.com/kyverno/kyverno/api/kyverno/v1beta1"
|
"github.com/kyverno/kyverno/api/kyverno/v1beta1"
|
||||||
"github.com/kyverno/kyverno/pkg/common"
|
"github.com/kyverno/kyverno/pkg/common"
|
||||||
"github.com/kyverno/kyverno/pkg/config"
|
"github.com/kyverno/kyverno/pkg/config"
|
||||||
client "github.com/kyverno/kyverno/pkg/dclient"
|
"github.com/kyverno/kyverno/pkg/dclient"
|
||||||
"github.com/kyverno/kyverno/pkg/engine"
|
"github.com/kyverno/kyverno/pkg/engine"
|
||||||
"github.com/kyverno/kyverno/pkg/event"
|
"github.com/kyverno/kyverno/pkg/event"
|
||||||
"github.com/kyverno/kyverno/pkg/metrics"
|
"github.com/kyverno/kyverno/pkg/metrics"
|
||||||
|
@ -42,7 +42,7 @@ type AuditHandler interface {
|
||||||
}
|
}
|
||||||
|
|
||||||
type auditHandler struct {
|
type auditHandler struct {
|
||||||
client client.Interface
|
client dclient.Interface
|
||||||
queue workqueue.RateLimitingInterface
|
queue workqueue.RateLimitingInterface
|
||||||
pCache policycache.Cache
|
pCache policycache.Cache
|
||||||
eventGen event.Interface
|
eventGen event.Interface
|
||||||
|
@ -66,7 +66,7 @@ func NewValidateAuditHandler(pCache policycache.Cache,
|
||||||
namespaces informers.NamespaceInformer,
|
namespaces informers.NamespaceInformer,
|
||||||
log logr.Logger,
|
log logr.Logger,
|
||||||
dynamicConfig config.Configuration,
|
dynamicConfig config.Configuration,
|
||||||
client client.Interface,
|
client dclient.Interface,
|
||||||
promConfig *metrics.PromConfig,
|
promConfig *metrics.PromConfig,
|
||||||
) AuditHandler {
|
) AuditHandler {
|
||||||
return &auditHandler{
|
return &auditHandler{
|
||||||
|
|
Loading…
Add table
Reference in a new issue