mirror of
https://github.com/kyverno/kyverno.git
synced 2024-12-14 11:57:48 +00:00
- Update violation ruleName to the actual name of the rule; - Add the description to method ApplyRegex
This commit is contained in:
parent
8558ba3d64
commit
565afd7e3c
2 changed files with 10 additions and 10 deletions
|
@ -6,8 +6,10 @@ import (
|
|||
"github.com/nirmata/kube-policy/webhooks"
|
||||
)
|
||||
|
||||
type policyInterface interface {
|
||||
ApplySingle(policy types.Policy, resourceRaw []byte) (webhooks.PatchBytes, violation.Violations, error)
|
||||
|
||||
ApplyRegex(policy types.Policy) (webhooks.PatchBytes, violation.Violations, error)
|
||||
// TODO:
|
||||
// When the policy get updates, policy controller will detect the changes and
|
||||
// try to process the changes on all matched resource. If there is any patch
|
||||
// returns, we should add the violation to the resource indicating the changes
|
||||
func ApplyRegex(policy types.Policy) (webhooks.PatchBytes, violation.Violations, error) {
|
||||
return nil, nil, nil
|
||||
}
|
||||
|
|
|
@ -6,11 +6,10 @@ import (
|
|||
"log"
|
||||
"os"
|
||||
|
||||
"github.com/nirmata/kube-policy/pkg/violation"
|
||||
|
||||
controller "github.com/nirmata/kube-policy/controller"
|
||||
kubeclient "github.com/nirmata/kube-policy/kubeclient"
|
||||
types "github.com/nirmata/kube-policy/pkg/apis/policy/v1alpha1"
|
||||
"github.com/nirmata/kube-policy/pkg/violation"
|
||||
v1beta1 "k8s.io/api/admission/v1beta1"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
rest "k8s.io/client-go/rest"
|
||||
|
@ -109,7 +108,6 @@ func (mw *MutationWebhook) applyPolicyRules(request *v1beta1.AdmissionRequest, p
|
|||
return mw.applyPolicyRulesOnResource(request.Kind.Kind, request.Object.Raw, policy)
|
||||
}
|
||||
|
||||
// TODO: add another violation field in return elements
|
||||
// kind is the type of object being manipulated
|
||||
func (mw *MutationWebhook) applyPolicyRulesOnResource(kind string, rawResource []byte, policy types.Policy) ([]PatchBytes, []violation.Info, error) {
|
||||
patchingSets := getPolicyPatchingSets(policy)
|
||||
|
@ -140,7 +138,7 @@ func (mw *MutationWebhook) applyPolicyRulesOnResource(kind string, rawResource [
|
|||
Kind: resourceKind,
|
||||
Resource: ns + "/" + resourceName,
|
||||
Policy: policy.Name,
|
||||
RuleName: string(ruleIdx),
|
||||
RuleName: rule.Name,
|
||||
Reason: err.Error(),
|
||||
})
|
||||
|
||||
|
@ -156,7 +154,7 @@ func (mw *MutationWebhook) applyPolicyRulesOnResource(kind string, rawResource [
|
|||
Kind: resourceKind,
|
||||
Resource: ns + "/" + resourceName,
|
||||
Policy: policy.Name,
|
||||
RuleName: string(ruleIdx),
|
||||
RuleName: rule.Name,
|
||||
Reason: err.Error(),
|
||||
})
|
||||
return nil, violations, fmt.Errorf("Failed to process patches from rule #%d: %s", ruleIdx, err)
|
||||
|
@ -171,7 +169,7 @@ func (mw *MutationWebhook) applyPolicyRulesOnResource(kind string, rawResource [
|
|||
Kind: resourceKind,
|
||||
Resource: ns + "/" + resourceName,
|
||||
Policy: policy.Name,
|
||||
RuleName: string(ruleIdx),
|
||||
RuleName: rule.Name,
|
||||
Reason: fmt.Sprintf("%v out of %v patches prepared", len(rulePatchesProcessed), len(rule.Patches)),
|
||||
})
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue