fix: autogen rules in status (#3728)

* refactor: autogen package logger Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: add rules to status only when necessary Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: Jim Bugwadia <jim@nirmata.com>
2025-03-05 07:26:55 +00:00 · 2022-05-05 17:11:26 +02:00 · 2022-05-05 17:11:26 +02:00 · 5d2e2faf72
commit 5d2e2faf72
parent 2af9046e13
9 changed files with 16 additions and 17010 deletions
--- a/api/kyverno/v1/policy_status.go
+++ b/api/kyverno/v1/policy_status.go
@ -29,10 +29,12 @@ type PolicyStatus struct {
 	Conditions []metav1.Condition `json:"conditions,omitempty"`
 	// Autogen contains autogen status information
 	// +optional
-	Autogen AutogenStatus `json:"autogen" yaml:"autogen"`
+	// TODO: finalize status content
+	// Autogen AutogenStatus `json:"autogen" yaml:"autogen"`
 	// Rules is a list of Rule instances. It contains original rules defined in the spec
 	// auto generated rules added for pod controllers
-	Rules []Rule `json:"rules,omitempty" yaml:"rules,omitempty"`
+	// TODO: finalize status content
+	// Rules []Rule `json:"rules,omitempty" yaml:"rules,omitempty"`
 }

 func (status *PolicyStatus) SetReady(ready bool) {
--- a/api/kyverno/v1/zz_generated.deepcopy.go
+++ b/api/kyverno/v1/zz_generated.deepcopy.go
@ -860,14 +860,6 @@ func (in *PolicyStatus) DeepCopyInto(out *PolicyStatus) {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
-	in.Autogen.DeepCopyInto(&out.Autogen)
-	if in.Rules != nil {
-		in, out := &in.Rules, &out.Rules
-		*out = make([]Rule, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
 }

 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyStatus.
--- a/charts/kyverno/templates/crds.yaml
+++ b/charts/kyverno/templates/crds.yaml
--- a/config/crds/kyverno.io_clusterpolicies.yaml
+++ b/config/crds/kyverno.io_clusterpolicies.yaml
--- a/config/crds/kyverno.io_policies.yaml
+++ b/config/crds/kyverno.io_policies.yaml
--- a/config/install.yaml
+++ b/config/install.yaml
--- a/config/install_debug.yaml
+++ b/config/install_debug.yaml
--- a/docs/crd/v1/index.html
+++ b/docs/crd/v1/index.html
@ -751,10 +751,6 @@ attributes for keyless verification, or a nested attestor declaration.</p>
 <h3 id="kyverno.io/v1.AutogenStatus">AutogenStatus
 </h3>
 <p>
-(<em>Appears on:</em>
-<a href="#kyverno.io/v1.PolicyStatus">PolicyStatus</a>)
-</p>
-<p>
 <p>AutogenStatus contains autogen status information.
 It indicates requested and effective autogen controllers used when
 automatically generating rules.</p>
@ -2296,34 +2292,6 @@ Deprecated in favor of Conditions</p>
 <p>Conditions is a list of conditions that apply to the policy</p>
 </td>
 </tr>
-<tr>
-<td>
-<code>autogen</code></br>
-<em>
-<a href="#kyverno.io/v1.AutogenStatus">
-AutogenStatus
-</a>
-</em>
-</td>
-<td>
-<em>(Optional)</em>
-<p>Autogen contains autogen status information</p>
-</td>
-</tr>
-<tr>
-<td>
-<code>rules</code></br>
-<em>
-<a href="#kyverno.io/v1.Rule">
-[]Rule
-</a>
-</em>
-</td>
-<td>
-<p>Rules is a list of Rule instances. It contains original rules defined in the spec
-auto generated rules added for pod controllers</p>
-</td>
-</tr>
 </tbody>
 </table>
 <hr />
@ -2631,7 +2599,6 @@ string
 </h3>
 <p>
 (<em>Appears on:</em>
-<a href="#kyverno.io/v1.PolicyStatus">PolicyStatus</a>, 
 <a href="#kyverno.io/v1.Spec">Spec</a>)
 </p>
 <p>
--- a/pkg/webhookconfig/configmanager.go
+++ b/pkg/webhookconfig/configmanager.go
@ -707,13 +707,18 @@ func (m *webhookConfigManager) compareAndUpdateWebhook(webhookKind, webhookName
 }

 func (m *webhookConfigManager) updateStatus(namespace, name string, ready bool) error {
-	update := func(meta *metav1.ObjectMeta, spec *kyverno.Spec, status *kyverno.PolicyStatus) bool {
+	update := func(meta *metav1.ObjectMeta, p kyverno.PolicyInterface, status *kyverno.PolicyStatus) bool {
 		copy := status.DeepCopy()
-		requested, _, activated := autogen.GetControllers(meta, spec)
 		status.SetReady(ready)
-		status.Autogen.Requested = requested
-		status.Autogen.Activated = activated
-		status.Rules = spec.Rules
+		// TODO: finalize status content
+		// requested, _, activated := autogen.GetControllers(meta, p.GetSpec())
+		// status.Autogen.Requested = requested
+		// status.Autogen.Activated = activated
+		// if toggle.AutogenInternals() {
+		// 	status.Rules = autogen.ComputeRules(p)
+		// } else {
+		// 	status.Rules = nil
+		// }
 		return !reflect.DeepEqual(status, copy)
 	}
 	if namespace == "" {
@ -721,7 +726,7 @@ func (m *webhookConfigManager) updateStatus(namespace, name string, ready bool)
 		if err != nil {
 			return err
 		}
-		if update(&p.ObjectMeta, &p.Spec, &p.Status) {
+		if update(&p.ObjectMeta, p, &p.Status) {
 			if _, err := m.kyvernoClient.KyvernoV1().ClusterPolicies().UpdateStatus(context.TODO(), p, metav1.UpdateOptions{}); err != nil {
 				return err
 			}
@ -731,7 +736,7 @@ func (m *webhookConfigManager) updateStatus(namespace, name string, ready bool)
 		if err != nil {
 			return err
 		}
-		if update(&p.ObjectMeta, &p.Spec, &p.Status) {
+		if update(&p.ObjectMeta, p, &p.Status) {
 			if _, err := m.kyvernoClient.KyvernoV1().Policies(namespace).UpdateStatus(context.TODO(), p, metav1.UpdateOptions{}); err != nil {
 				return err
 			}