Remove length restriction in --set (#7984)

* Remove length restriction in --set Signed-off-by: anushkamittal2001 <anushka@nirmata.com> * Add variables in unit test for apply_command Signed-off-by: anushkamittal2001 <anushka@nirmata.com> --------- Signed-off-by: anushkamittal2001 <anushka@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-12-14 11:57:48 +00:00 · 2023-08-14 19:43:29 +05:30 · 2023-08-14 19:43:29 +05:30 · 5272ca8601
commit 5272ca8601
parent b8959445b1
4 changed files with 61 additions and 3 deletions
--- a/cmd/cli/kubectl-kyverno/apply/apply_command.go
+++ b/cmd/cli/kubectl-kyverno/apply/apply_command.go
@ -331,9 +331,6 @@ func (c *ApplyCommandConfig) applyCommandHelper() (*common.ResultCounts, []*unst
 		fmt.Printf("Error: failed to load resources\nCause: %s\n", err)
 		osExit(1)
 	}
-	if (len(resources) > 1 || len(policies) > 1) && c.Variables != nil {
-		return nil, resources, skipInvalidPolicies, nil, sanitizederror.NewWithError("currently `set` flag supports variable for single policy applied on single resource ", nil)
-	}
 	// init variables
 	if len(variables) != 0 {
 		variables = common.SetInStoreContext(policies, variables)
--- a/cmd/cli/kubectl-kyverno/apply/apply_command_test.go
+++ b/cmd/cli/kubectl-kyverno/apply/apply_command_test.go
@ -174,6 +174,25 @@ func Test_Apply(t *testing.T) {
 				},
 			},
 		},
+		{
+			config: ApplyCommandConfig{
+				PolicyPaths:   []string{"../../../../test/cli/apply/policies-set"},
+				ResourcePaths: []string{"../../../../test/cli/apply/resources-set"},
+				Variables:     []string{"request.operation=UPDATE"},
+				PolicyReport:  true,
+			},
+			expectedPolicyReports: []preport.PolicyReport{
+				{
+					Summary: preport.PolicyReportSummary{
+						Pass:  2,
+						Fail:  0,
+						Skip:  4,
+						Error: 0,
+						Warn:  0,
+					},
+				},
+			},
+		},
 		{
 			config: ApplyCommandConfig{
 				PolicyPaths:   []string{"../../../../test/cli/test-validating-admission-policy/check-deployments-replica/policy.yaml"},
--- a/test/cli/apply/policies-set/policy.yaml
+++ b/test/cli/apply/policies-set/policy.yaml
@ -0,0 +1,20 @@
+apiVersion: kyverno.io/v1
+kind: ClusterPolicy
+metadata:
+   name: enforce-label
+spec:
+   validationFailureAction: Audit
+   background: false
+   rules:
+     - name: enforce-label
+       match:
+         any:
+         - resources:
+             kinds:
+               - Pod
+       validate:
+         message: "The foo label must be set."
+         pattern:
+           metadata:
+             labels:
+               op: "{{ request.operation }}"              
--- a/test/cli/apply/resources-set/resources.yaml
+++ b/test/cli/apply/resources-set/resources.yaml
@ -0,0 +1,22 @@
+apiVersion: v1
+kind: Pod
+metadata:
+   name: test-pod-1
+   labels:
+     foo: bar
+     op: UPDATE
+spec:
+   containers:
+     - name: nginx
+       image: nginx:latest
+---
+apiVersion: v1
+kind: Pod
+metadata:
+   name: test-pod-2
+   labels:
+     foo: bar
+     op: UPDATE
+spec:
+   containers:
+     - name: nginx