mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-31 03:45:17 +00:00
Code Activity

allow generate with no data/status

Browse source
This commit is contained in:
Jim Bugwadia 2020-12-12 21:19:37 -08:00
parent b7cecd04ed
commit 5dcf37141b
2 changed files with 16 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
pkg/generate/generate.go
View file

@ -318,20 +318,24 @@ func applyRule(log logr.Logger, client *dclient.Client, rule kyverno.Rule, resou
Name: genName,
}
genData, _, err := unstructured.NestedMap(genUnst.Object, "data")
genData, found, err := unstructured.NestedMap(genUnst.Object, "data")
if err != nil {
return noGenResource, err
}
genCopy, _, err := unstructured.NestedMap(genUnst.Object, "clone")
genClone, _, err := unstructured.NestedMap(genUnst.Object, "clone")
if err != nil {
return noGenResource, err
}
if genData != nil {
rdata, mode, err = manageData(log, genAPIVersion, genKind, genNamespace, genName, genData, client, resource)
if genClone != nil {
rdata, mode, err = manageClone(log, genAPIVersion, genKind, genNamespace, genName, genClone, client, resource)
} else {
rdata, mode, err = manageClone(log, genAPIVersion, genKind, genNamespace, genName, genCopy, client, resource)
if found {
rdata, mode, err = manageData(log, genAPIVersion, genKind, genNamespace, genName, genData, client, resource)
} else {
log.V(3).Info("generate rule has no data and clone")
}
}
logger := log.WithValues("genKind", genKind, "genAPIVersion", genAPIVersion, "genNamespace", genNamespace, "genName", genName)
@ -424,17 +428,16 @@ func applyRule(log logr.Logger, client *dclient.Client, rule kyverno.Rule, resou
}
func manageData(log logr.Logger, apiVersion, kind, namespace, name string, data map[string]interface{}, client *dclient.Client, resource unstructured.Unstructured) (map[string]interface{}, ResourceMode, error) {
// check if resource to be generated exists
obj, err := client.GetResource(apiVersion, kind, namespace, name)
if err != nil {
if apierrors.IsNotFound(err) {
log.V(3).Info("resource does not exist, will try to create", "genKind", kind, "genAPIVersion", apiVersion, "genNamespace", namespace, "genName", name)
return data, Create, nil
}
//something wrong while fetching resource
// client-errors
return nil, Skip, err
}
updateObj := &unstructured.Unstructured{}
updateObj.SetUnstructuredContent(data)
updateObj.SetResourceVersion(obj.GetResourceVersion())

6
pkg/policy/generate/validate.go
View file

@ -37,11 +37,15 @@ func NewGenerateFactory(client *dclient.Client, rule kyverno.Generation, log log
func (g *Generate) Validate() (string, error) {
rule := g.rule
if rule.Data == nil && rule.Clone == (kyverno.CloneFrom{}) {
return "", fmt.Errorf("clone or data are required")
// generate rules without data can be used to create objects
// which should not be updated (e.g. service accounts).
g.log.Info("generate rule has no data or clone")
}
if rule.Data != nil && rule.Clone != (kyverno.CloneFrom{}) {
return "", fmt.Errorf("only one operation allowed per generate rule(data or clone)")
}
kind, name, namespace := rule.Kind, rule.Name, rule.Namespace
if name == "" {