mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-13 19:28:55 +00:00
Code Activity

chore: introduce v2 for updaterequests (#9267)

Browse source 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
This commit is contained in:
Mariam Fahmy 2023-12-23 02:09:02 +02:00 committed by GitHub
parent 8308a6c69c
commit 5f09fa810c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
27 changed files with 3519 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
api/kyverno/v1beta1/updaterequest_types.go
View file

@ -45,6 +45,7 @@ type UpdateRequestStatus struct {
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:object:root=true
// +kubebuilder:storageversion
// +kubebuilder:subresource:status
// +kubebuilder:printcolumn:name="Policy",type="string",JSONPath=".spec.policy"
// +kubebuilder:printcolumn:name="RuleType",type="string",JSONPath=".spec.requestType"

179
api/kyverno/v2/updaterequest_types.go Normal file
View file

@ -0,0 +1,179 @@
/*
Copyright 2022.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package v2
import (
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
admissionv1 "k8s.io/api/admission/v1"
authenticationv1 "k8s.io/api/authentication/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
// UpdateRequestStatus defines the observed state of UpdateRequest
type UpdateRequestStatus struct {
// State represents state of the update request.
State UpdateRequestState `json:"state" yaml:"state"`
// Specifies request status message.
// +optional
Message string `json:"message,omitempty" yaml:"message,omitempty"`
// This will track the resources that are updated by the generate Policy.
// Will be used during clean up resources.
GeneratedResources []kyvernov1.ResourceSpec `json:"generatedResources,omitempty" yaml:"generatedResources,omitempty"`
RetryCount int `json:"retryCount,omitempty" yaml:"retryCount,omitempty"`
}
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:object:root=true
// +kubebuilder:subresource:status
// +kubebuilder:printcolumn:name="Policy",type="string",JSONPath=".spec.policy"
// +kubebuilder:printcolumn:name="RuleType",type="string",JSONPath=".spec.requestType"
// +kubebuilder:printcolumn:name="ResourceKind",type="string",JSONPath=".spec.resource.kind"
// +kubebuilder:printcolumn:name="ResourceName",type="string",JSONPath=".spec.resource.name"
// +kubebuilder:printcolumn:name="ResourceNamespace",type="string",JSONPath=".spec.resource.namespace"
// +kubebuilder:printcolumn:name="status",type="string",JSONPath=".status.state"
// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
// +kubebuilder:resource:shortName=ur,categories=kyverno
// UpdateRequest is a request to process mutate and generate rules in background.
type UpdateRequest struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
// ResourceSpec is the information to identify the trigger resource.
Spec UpdateRequestSpec `json:"spec,omitempty"`
// Status contains statistics related to update request.
// +optional
Status UpdateRequestStatus `json:"status,omitempty"`
}
type RequestType string
const (
Mutate RequestType = "mutate"
Generate RequestType = "generate"
)
// UpdateRequestSpec stores the request specification.
type UpdateRequestSpec struct {
// Type represents request type for background processing
// +kubebuilder:validation:Enum=mutate;generate
Type RequestType `json:"requestType,omitempty" yaml:"requestType,omitempty"`
// Specifies the name of the policy.
Policy string `json:"policy" yaml:"policy"`
// Rule is the associate rule name of the current UR.
Rule string `json:"rule" yaml:"rule"`
// DeleteDownstream represents whether the downstream needs to be deleted.
DeleteDownstream bool `json:"deleteDownstream" yaml:"deleteDownstream"`
// Synchronize represents the sync behavior of the corresponding rule
// Optional. Defaults to "false" if not specified.
Synchronize bool `json:"synchronize,omitempty" yaml:"synchronize,omitempty"`
// ResourceSpec is the information to identify the trigger resource.
Resource kyvernov1.ResourceSpec `json:"resource" yaml:"resource"`
// Context ...
Context UpdateRequestSpecContext `json:"context" yaml:"context"`
}
// UpdateRequestSpecContext stores the context to be shared.
type UpdateRequestSpecContext struct {
// +optional
UserRequestInfo RequestInfo `json:"userInfo,omitempty" yaml:"userInfo,omitempty"`
// +optional
AdmissionRequestInfo AdmissionRequestInfoObject `json:"admissionRequestInfo,omitempty" yaml:"admissionRequestInfo,omitempty"`
}
// RequestInfo contains permission info carried in an admission request.
type RequestInfo struct {
// Roles is a list of possible role send the request.
// +nullable
// +optional
Roles []string `json:"roles,omitempty" yaml:"roles,omitempty"`
// ClusterRoles is a list of possible clusterRoles send the request.
// +nullable
// +optional
ClusterRoles []string `json:"clusterRoles,omitempty" yaml:"clusterRoles,omitempty"`
// UserInfo is the userInfo carried in the admission request.
// +optional
AdmissionUserInfo authenticationv1.UserInfo `json:"userInfo" yaml:"userInfo"`
}
// AdmissionRequestInfoObject stores the admission request and operation details
type AdmissionRequestInfoObject struct {
// +optional
AdmissionRequest *admissionv1.AdmissionRequest `json:"admissionRequest,omitempty" yaml:"admissionRequest,omitempty"`
// +optional
Operation admissionv1.Operation `json:"operation,omitempty" yaml:"operation,omitempty"`
}
// UpdateRequestState defines the state of request.
type UpdateRequestState string
const (
// Pending - the Request is yet to be processed or resource has not been created.
Pending UpdateRequestState = "Pending"
// Failed - the Update Request Controller failed to process the rules.
Failed UpdateRequestState = "Failed"
// Completed - the Update Request Controller created resources defined in the policy.
Completed UpdateRequestState = "Completed"
// Skip - the Update Request Controller skips to generate the resource.
Skip UpdateRequestState = "Skip"
)
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:object:root=true
// UpdateRequestList contains a list of UpdateRequest
type UpdateRequestList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []UpdateRequest `json:"items"`
}
func (s *UpdateRequestSpec) GetRequestType() RequestType {
return s.Type
}
func (s *UpdateRequestSpec) GetPolicyKey() string {
return s.Policy
}
func (s *UpdateRequestSpec) GetRuleName() string {
return s.Rule
}
func (s *UpdateRequestSpec) GetSynchronize() bool {
return s.Synchronize
}
func (s *UpdateRequestSpec) GetResource() kyvernov1.ResourceSpec {
return s.Resource
}

175
api/kyverno/v2/zz_generated.deepcopy.go
View file

@ -22,9 +22,10 @@ limitations under the License.
package v2
import (
v1 "github.com/kyverno/kyverno/api/kyverno/v1"
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
v2beta1 "github.com/kyverno/kyverno/api/kyverno/v2beta1"
v1alpha2 "github.com/kyverno/kyverno/api/policyreport/v1alpha2"
v1 "k8s.io/api/admission/v1"
apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
@ -115,6 +116,27 @@ func (in *AdmissionReportSpec) DeepCopy() *AdmissionReportSpec {
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *AdmissionRequestInfoObject) DeepCopyInto(out *AdmissionRequestInfoObject) {
*out = *in
if in.AdmissionRequest != nil {
in, out := &in.AdmissionRequest, &out.AdmissionRequest
*out = new(v1.AdmissionRequest)
(*in).DeepCopyInto(*out)
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdmissionRequestInfoObject.
func (in *AdmissionRequestInfoObject) DeepCopy() *AdmissionRequestInfoObject {
if in == nil {
return nil
}
out := new(AdmissionRequestInfoObject)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *AnyAllConditions) DeepCopyInto(out *AnyAllConditions) {
*out = *in
@ -295,7 +317,7 @@ func (in *CleanupPolicySpec) DeepCopyInto(out *CleanupPolicySpec) {
*out = *in
if in.Context != nil {
in, out := &in.Context, &out.Context
*out = make([]v1.ContextEntry, len(*in))
*out = make([]kyvernov1.ContextEntry, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
@ -581,14 +603,14 @@ func (in *MatchResources) DeepCopyInto(out *MatchResources) {
*out = *in
if in.Any != nil {
in, out := &in.Any, &out.Any
*out = make(v1.ResourceFilters, len(*in))
*out = make(kyvernov1.ResourceFilters, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
if in.All != nil {
in, out := &in.All, &out.All
*out = make(v1.ResourceFilters, len(*in))
*out = make(kyvernov1.ResourceFilters, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
@ -699,3 +721,148 @@ func (in *PolicyExceptionSpec) DeepCopy() *PolicyExceptionSpec {
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *RequestInfo) DeepCopyInto(out *RequestInfo) {
*out = *in
if in.Roles != nil {
in, out := &in.Roles, &out.Roles
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.ClusterRoles != nil {
in, out := &in.ClusterRoles, &out.ClusterRoles
*out = make([]string, len(*in))
copy(*out, *in)
}
in.AdmissionUserInfo.DeepCopyInto(&out.AdmissionUserInfo)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequestInfo.
func (in *RequestInfo) DeepCopy() *RequestInfo {
if in == nil {
return nil
}
out := new(RequestInfo)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *UpdateRequest) DeepCopyInto(out *UpdateRequest) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
in.Spec.DeepCopyInto(&out.Spec)
in.Status.DeepCopyInto(&out.Status)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UpdateRequest.
func (in *UpdateRequest) DeepCopy() *UpdateRequest {
if in == nil {
return nil
}
out := new(UpdateRequest)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *UpdateRequest) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *UpdateRequestList) DeepCopyInto(out *UpdateRequestList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]UpdateRequest, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UpdateRequestList.
func (in *UpdateRequestList) DeepCopy() *UpdateRequestList {
if in == nil {
return nil
}
out := new(UpdateRequestList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *UpdateRequestList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *UpdateRequestSpec) DeepCopyInto(out *UpdateRequestSpec) {
*out = *in
out.Resource = in.Resource
in.Context.DeepCopyInto(&out.Context)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UpdateRequestSpec.
func (in *UpdateRequestSpec) DeepCopy() *UpdateRequestSpec {
if in == nil {
return nil
}
out := new(UpdateRequestSpec)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *UpdateRequestSpecContext) DeepCopyInto(out *UpdateRequestSpecContext) {
*out = *in
in.UserRequestInfo.DeepCopyInto(&out.UserRequestInfo)
in.AdmissionRequestInfo.DeepCopyInto(&out.AdmissionRequestInfo)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UpdateRequestSpecContext.
func (in *UpdateRequestSpecContext) DeepCopy() *UpdateRequestSpecContext {
if in == nil {
return nil
}
out := new(UpdateRequestSpecContext)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *UpdateRequestStatus) DeepCopyInto(out *UpdateRequestStatus) {
*out = *in
if in.GeneratedResources != nil {
in, out := &in.GeneratedResources, &out.GeneratedResources
*out = make([]kyvernov1.ResourceSpec, len(*in))
copy(*out, *in)
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UpdateRequestStatus.
func (in *UpdateRequestStatus) DeepCopy() *UpdateRequestStatus {
if in == nil {
return nil
}
out := new(UpdateRequestStatus)
in.DeepCopyInto(out)
return out
}

2
api/kyverno/v2/zz_generated.register.go
View file

@ -72,6 +72,8 @@ func addKnownTypes(scheme *runtime.Scheme) error {
&ClusterCleanupPolicyList{},
&PolicyException{},
&PolicyExceptionList{},
&UpdateRequest{},
&UpdateRequestList{},
)
// AddToGroupVersion allows the serialization of client types like ListOptions.
v1.AddToGroupVersion(scheme, SchemeGroupVersion)

384
charts/kyverno/charts/crds/templates/crds.yaml
View file

@ -47677,6 +47677,390 @@ spec:
storage: true
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .spec.policy
name: Policy
type: string
- jsonPath: .spec.requestType
name: RuleType
type: string
- jsonPath: .spec.resource.kind
name: ResourceKind
type: string
- jsonPath: .spec.resource.name
name: ResourceName
type: string
- jsonPath: .spec.resource.namespace
name: ResourceNamespace
type: string
- jsonPath: .status.state
name: status
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v2
schema:
openAPIV3Schema:
description: UpdateRequest is a request to process mutate and generate rules
in background.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ResourceSpec is the information to identify the trigger resource.
properties:
context:
description: Context ...
properties:
admissionRequestInfo:
description: AdmissionRequestInfoObject stores the admission request
and operation details
properties:
admissionRequest:
description: AdmissionRequest describes the admission.Attributes
for the admission request.
properties:
dryRun:
description: DryRun indicates that modifications will
definitely not be persisted for this request. Defaults
to false.
type: boolean
kind:
description: Kind is the fully-qualified type of object
being submitted (for example, v1.Pod or autoscaling.v1.Scale)
properties:
group:
type: string
kind:
type: string
version:
type: string
required:
- group
- kind
- version
type: object
name:
description: Name is the name of the object as presented
in the request. On a CREATE operation, the client may
omit name and rely on the server to generate the name. If
that is the case, this field will contain an empty string.
type: string
namespace:
description: Namespace is the namespace associated with
the request (if any).
type: string
object:
description: Object is the object from the incoming request.
type: object
x-kubernetes-preserve-unknown-fields: true
oldObject:
description: OldObject is the existing object. Only populated
for DELETE and UPDATE requests.
type: object
x-kubernetes-preserve-unknown-fields: true
operation:
description: Operation is the operation being performed.
This may be different than the operation requested.
e.g. a patch can result in either a CREATE or UPDATE
Operation.
type: string
options:
description: Options is the operation option structure
of the operation being performed. e.g. `meta.k8s.io/v1.DeleteOptions`
or `meta.k8s.io/v1.CreateOptions`. This may be different
than the options the caller provided. e.g. for a patch
request the performed Operation might be a CREATE, in
which case the Options will a `meta.k8s.io/v1.CreateOptions`
even though the caller provided `meta.k8s.io/v1.PatchOptions`.
type: object
x-kubernetes-preserve-unknown-fields: true
requestKind:
description: "RequestKind is the fully-qualified type
of the original API request (for example, v1.Pod or
autoscaling.v1.Scale). If this is specified and differs
from the value in \"kind\", an equivalent match and
conversion was performed. \n For example, if deployments
can be modified via apps/v1 and apps/v1beta1, and a
webhook registered a rule of `apiGroups:[\"apps\"],
apiVersions:[\"v1\"], resources: [\"deployments\"]`
and `matchPolicy: Equivalent`, an API request to apps/v1beta1
deployments would be converted and sent to the webhook
with `kind: {group:\"apps\", version:\"v1\", kind:\"Deployment\"}`
(matching the rule the webhook registered for), and
`requestKind: {group:\"apps\", version:\"v1beta1\",
kind:\"Deployment\"}` (indicating the kind of the original
API request). \n See documentation for the \"matchPolicy\"
field in the webhook configuration type for more details."
properties:
group:
type: string
kind:
type: string
version:
type: string
required:
- group
- kind
- version
type: object
requestResource:
description: "RequestResource is the fully-qualified resource
of the original API request (for example, v1.pods).
If this is specified and differs from the value in \"resource\",
an equivalent match and conversion was performed. \n
For example, if deployments can be modified via apps/v1
and apps/v1beta1, and a webhook registered a rule of
`apiGroups:[\"apps\"], apiVersions:[\"v1\"], resources:
[\"deployments\"]` and `matchPolicy: Equivalent`, an
API request to apps/v1beta1 deployments would be converted
and sent to the webhook with `resource: {group:\"apps\",
version:\"v1\", resource:\"deployments\"}` (matching
the resource the webhook registered for), and `requestResource:
{group:\"apps\", version:\"v1beta1\", resource:\"deployments\"}`
(indicating the resource of the original API request).
\n See documentation for the \"matchPolicy\" field in
the webhook configuration type."
properties:
group:
type: string
resource:
type: string
version:
type: string
required:
- group
- resource
- version
type: object
requestSubResource:
description: RequestSubResource is the name of the subresource
of the original API request, if any (for example, "status"
or "scale") If this is specified and differs from the
value in "subResource", an equivalent match and conversion
was performed. See documentation for the "matchPolicy"
field in the webhook configuration type.
type: string
resource:
description: Resource is the fully-qualified resource
being requested (for example, v1.pods)
properties:
group:
type: string
resource:
type: string
version:
type: string
required:
- group
- resource
- version
type: object
subResource:
description: SubResource is the subresource being requested,
if any (for example, "status" or "scale")
type: string
uid:
description: UID is an identifier for the individual request/response.
It allows us to distinguish instances of requests which
are otherwise identical (parallel requests, requests
when earlier requests did not modify etc) The UID is
meant to track the round trip (request/response) between
the KAS and the WebHook, not the user request. It is
suitable for correlating log entries between the webhook
and apiserver, for either auditing or debugging.
type: string
userInfo:
description: UserInfo is information about the requesting
user
properties:
extra:
additionalProperties:
description: ExtraValue masks the value so protobuf
can generate
items:
type: string
type: array
description: Any additional information provided by
the authenticator.
type: object
groups:
description: The names of groups this user is a part
of.
items:
type: string
type: array
uid:
description: A unique value that identifies this user
across time. If this user is deleted and another
user by the same name is added, they will have different
UIDs.
type: string
username:
description: The name that uniquely identifies this
user among all active users.
type: string
type: object
required:
- kind
- operation
- resource
- uid
- userInfo
type: object
operation:
description: Operation is the type of resource operation being
checked for admission control
type: string
type: object
userInfo:
description: RequestInfo contains permission info carried in an
admission request.
properties:
clusterRoles:
description: ClusterRoles is a list of possible clusterRoles
send the request.
items:
type: string
nullable: true
type: array
roles:
description: Roles is a list of possible role send the request.
items:
type: string
nullable: true
type: array
userInfo:
description: UserInfo is the userInfo carried in the admission
request.
properties:
extra:
additionalProperties:
description: ExtraValue masks the value so protobuf
can generate
items:
type: string
type: array
description: Any additional information provided by the
authenticator.
type: object
groups:
description: The names of groups this user is a part of.
items:
type: string
type: array
uid:
description: A unique value that identifies this user
across time. If this user is deleted and another user
by the same name is added, they will have different
UIDs.
type: string
username:
description: The name that uniquely identifies this user
among all active users.
type: string
type: object
type: object
type: object
deleteDownstream:
description: DeleteDownstream represents whether the downstream needs
to be deleted.
type: boolean
policy:
description: Specifies the name of the policy.
type: string
requestType:
description: Type represents request type for background processing
enum:
- mutate
- generate
type: string
resource:
description: ResourceSpec is the information to identify the trigger
resource.
properties:
apiVersion:
description: APIVersion specifies resource apiVersion.
type: string
kind:
description: Kind specifies resource kind.
type: string
name:
description: Name specifies the resource name.
type: string
namespace:
description: Namespace specifies resource namespace.
type: string
uid:
description: UID specifies the resource uid.
type: string
type: object
rule:
description: Rule is the associate rule name of the current UR.
type: string
synchronize:
description: Synchronize represents the sync behavior of the corresponding
rule Optional. Defaults to "false" if not specified.
type: boolean
required:
- context
- deleteDownstream
- policy
- resource
- rule
type: object
status:
description: Status contains statistics related to update request.
properties:
generatedResources:
description: This will track the resources that are updated by the
generate Policy. Will be used during clean up resources.
items:
properties:
apiVersion:
description: APIVersion specifies resource apiVersion.
type: string
kind:
description: Kind specifies resource kind.
type: string
name:
description: Name specifies the resource name.
type: string
namespace:
description: Namespace specifies resource namespace.
type: string
uid:
description: UID specifies the resource uid.
type: string
type: object
type: array
message:
description: Specifies request status message.
type: string
retryCount:
type: integer
state:
description: State represents state of the update request.
type: string
required:
- state
type: object
type: object
served: true
storage: false
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition

384
config/crds/kyverno.io_updaterequests.yaml
View file

@ -405,3 +405,387 @@ spec:
storage: true
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .spec.policy
name: Policy
type: string
- jsonPath: .spec.requestType
name: RuleType
type: string
- jsonPath: .spec.resource.kind
name: ResourceKind
type: string
- jsonPath: .spec.resource.name
name: ResourceName
type: string
- jsonPath: .spec.resource.namespace
name: ResourceNamespace
type: string
- jsonPath: .status.state
name: status
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v2
schema:
openAPIV3Schema:
description: UpdateRequest is a request to process mutate and generate rules
in background.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ResourceSpec is the information to identify the trigger resource.
properties:
context:
description: Context ...
properties:
admissionRequestInfo:
description: AdmissionRequestInfoObject stores the admission request
and operation details
properties:
admissionRequest:
description: AdmissionRequest describes the admission.Attributes
for the admission request.
properties:
dryRun:
description: DryRun indicates that modifications will
definitely not be persisted for this request. Defaults
to false.
type: boolean
kind:
description: Kind is the fully-qualified type of object
being submitted (for example, v1.Pod or autoscaling.v1.Scale)
properties:
group:
type: string
kind:
type: string
version:
type: string
required:
- group
- kind
- version
type: object
name:
description: Name is the name of the object as presented
in the request. On a CREATE operation, the client may
omit name and rely on the server to generate the name. If
that is the case, this field will contain an empty string.
type: string
namespace:
description: Namespace is the namespace associated with
the request (if any).
type: string
object:
description: Object is the object from the incoming request.
type: object
x-kubernetes-preserve-unknown-fields: true
oldObject:
description: OldObject is the existing object. Only populated
for DELETE and UPDATE requests.
type: object
x-kubernetes-preserve-unknown-fields: true
operation:
description: Operation is the operation being performed.
This may be different than the operation requested.
e.g. a patch can result in either a CREATE or UPDATE
Operation.
type: string
options:
description: Options is the operation option structure
of the operation being performed. e.g. `meta.k8s.io/v1.DeleteOptions`
or `meta.k8s.io/v1.CreateOptions`. This may be different
than the options the caller provided. e.g. for a patch
request the performed Operation might be a CREATE, in
which case the Options will a `meta.k8s.io/v1.CreateOptions`
even though the caller provided `meta.k8s.io/v1.PatchOptions`.
type: object
x-kubernetes-preserve-unknown-fields: true
requestKind:
description: "RequestKind is the fully-qualified type
of the original API request (for example, v1.Pod or
autoscaling.v1.Scale). If this is specified and differs
from the value in \"kind\", an equivalent match and
conversion was performed. \n For example, if deployments
can be modified via apps/v1 and apps/v1beta1, and a
webhook registered a rule of `apiGroups:[\"apps\"],
apiVersions:[\"v1\"], resources: [\"deployments\"]`
and `matchPolicy: Equivalent`, an API request to apps/v1beta1
deployments would be converted and sent to the webhook
with `kind: {group:\"apps\", version:\"v1\", kind:\"Deployment\"}`
(matching the rule the webhook registered for), and
`requestKind: {group:\"apps\", version:\"v1beta1\",
kind:\"Deployment\"}` (indicating the kind of the original
API request). \n See documentation for the \"matchPolicy\"
field in the webhook configuration type for more details."
properties:
group:
type: string
kind:
type: string
version:
type: string
required:
- group
- kind
- version
type: object
requestResource:
description: "RequestResource is the fully-qualified resource
of the original API request (for example, v1.pods).
If this is specified and differs from the value in \"resource\",
an equivalent match and conversion was performed. \n
For example, if deployments can be modified via apps/v1
and apps/v1beta1, and a webhook registered a rule of
`apiGroups:[\"apps\"], apiVersions:[\"v1\"], resources:
[\"deployments\"]` and `matchPolicy: Equivalent`, an
API request to apps/v1beta1 deployments would be converted
and sent to the webhook with `resource: {group:\"apps\",
version:\"v1\", resource:\"deployments\"}` (matching
the resource the webhook registered for), and `requestResource:
{group:\"apps\", version:\"v1beta1\", resource:\"deployments\"}`
(indicating the resource of the original API request).
\n See documentation for the \"matchPolicy\" field in
the webhook configuration type."
properties:
group:
type: string
resource:
type: string
version:
type: string
required:
- group
- resource
- version
type: object
requestSubResource:
description: RequestSubResource is the name of the subresource
of the original API request, if any (for example, "status"
or "scale") If this is specified and differs from the
value in "subResource", an equivalent match and conversion
was performed. See documentation for the "matchPolicy"
field in the webhook configuration type.
type: string
resource:
description: Resource is the fully-qualified resource
being requested (for example, v1.pods)
properties:
group:
type: string
resource:
type: string
version:
type: string
required:
- group
- resource
- version
type: object
subResource:
description: SubResource is the subresource being requested,
if any (for example, "status" or "scale")
type: string
uid:
description: UID is an identifier for the individual request/response.
It allows us to distinguish instances of requests which
are otherwise identical (parallel requests, requests
when earlier requests did not modify etc) The UID is
meant to track the round trip (request/response) between
the KAS and the WebHook, not the user request. It is
suitable for correlating log entries between the webhook
and apiserver, for either auditing or debugging.
type: string
userInfo:
description: UserInfo is information about the requesting
user
properties:
extra:
additionalProperties:
description: ExtraValue masks the value so protobuf
can generate
items:
type: string
type: array
description: Any additional information provided by
the authenticator.
type: object
groups:
description: The names of groups this user is a part
of.
items:
type: string
type: array
uid:
description: A unique value that identifies this user
across time. If this user is deleted and another
user by the same name is added, they will have different
UIDs.
type: string
username:
description: The name that uniquely identifies this
user among all active users.
type: string
type: object
required:
- kind
- operation
- resource
- uid
- userInfo
type: object
operation:
description: Operation is the type of resource operation being
checked for admission control
type: string
type: object
userInfo:
description: RequestInfo contains permission info carried in an
admission request.
properties:
clusterRoles:
description: ClusterRoles is a list of possible clusterRoles
send the request.
items:
type: string
nullable: true
type: array
roles:
description: Roles is a list of possible role send the request.
items:
type: string
nullable: true
type: array
userInfo:
description: UserInfo is the userInfo carried in the admission
request.
properties:
extra:
additionalProperties:
description: ExtraValue masks the value so protobuf
can generate
items:
type: string
type: array
description: Any additional information provided by the
authenticator.
type: object
groups:
description: The names of groups this user is a part of.
items:
type: string
type: array
uid:
description: A unique value that identifies this user
across time. If this user is deleted and another user
by the same name is added, they will have different
UIDs.
type: string
username:
description: The name that uniquely identifies this user
among all active users.
type: string
type: object
type: object
type: object
deleteDownstream:
description: DeleteDownstream represents whether the downstream needs
to be deleted.
type: boolean
policy:
description: Specifies the name of the policy.
type: string
requestType:
description: Type represents request type for background processing
enum:
- mutate
- generate
type: string
resource:
description: ResourceSpec is the information to identify the trigger
resource.
properties:
apiVersion:
description: APIVersion specifies resource apiVersion.
type: string
kind:
description: Kind specifies resource kind.
type: string
name:
description: Name specifies the resource name.
type: string
namespace:
description: Namespace specifies resource namespace.
type: string
uid:
description: UID specifies the resource uid.
type: string
type: object
rule:
description: Rule is the associate rule name of the current UR.
type: string
synchronize:
description: Synchronize represents the sync behavior of the corresponding
rule Optional. Defaults to "false" if not specified.
type: boolean
required:
- context
- deleteDownstream
- policy
- resource
- rule
type: object
status:
description: Status contains statistics related to update request.
properties:
generatedResources:
description: This will track the resources that are updated by the
generate Policy. Will be used during clean up resources.
items:
properties:
apiVersion:
description: APIVersion specifies resource apiVersion.
type: string
kind:
description: Kind specifies resource kind.
type: string
name:
description: Name specifies the resource name.
type: string
namespace:
description: Namespace specifies resource namespace.
type: string
uid:
description: UID specifies the resource uid.
type: string
type: object
type: array
message:
description: Specifies request status message.
type: string
retryCount:
type: integer
state:
description: State represents state of the update request.
type: string
required:
- state
type: object
type: object
served: true
storage: false
subresources:
status: {}

384
config/install-latest-testing.yaml
View file

@ -47902,6 +47902,390 @@ spec:
storage: true
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .spec.policy
name: Policy
type: string
- jsonPath: .spec.requestType
name: RuleType
type: string
- jsonPath: .spec.resource.kind
name: ResourceKind
type: string
- jsonPath: .spec.resource.name
name: ResourceName
type: string
- jsonPath: .spec.resource.namespace
name: ResourceNamespace
type: string
- jsonPath: .status.state
name: status
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v2
schema:
openAPIV3Schema:
description: UpdateRequest is a request to process mutate and generate rules
in background.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ResourceSpec is the information to identify the trigger resource.
properties:
context:
description: Context ...
properties:
admissionRequestInfo:
description: AdmissionRequestInfoObject stores the admission request
and operation details
properties:
admissionRequest:
description: AdmissionRequest describes the admission.Attributes
for the admission request.
properties:
dryRun:
description: DryRun indicates that modifications will
definitely not be persisted for this request. Defaults
to false.
type: boolean
kind:
description: Kind is the fully-qualified type of object
being submitted (for example, v1.Pod or autoscaling.v1.Scale)
properties:
group:
type: string
kind:
type: string
version:
type: string
required:
- group
- kind
- version
type: object
name:
description: Name is the name of the object as presented
in the request. On a CREATE operation, the client may
omit name and rely on the server to generate the name. If
that is the case, this field will contain an empty string.
type: string
namespace:
description: Namespace is the namespace associated with
the request (if any).
type: string
object:
description: Object is the object from the incoming request.
type: object
x-kubernetes-preserve-unknown-fields: true
oldObject:
description: OldObject is the existing object. Only populated
for DELETE and UPDATE requests.
type: object
x-kubernetes-preserve-unknown-fields: true
operation:
description: Operation is the operation being performed.
This may be different than the operation requested.
e.g. a patch can result in either a CREATE or UPDATE
Operation.
type: string
options:
description: Options is the operation option structure
of the operation being performed. e.g. `meta.k8s.io/v1.DeleteOptions`
or `meta.k8s.io/v1.CreateOptions`. This may be different
than the options the caller provided. e.g. for a patch
request the performed Operation might be a CREATE, in
which case the Options will a `meta.k8s.io/v1.CreateOptions`
even though the caller provided `meta.k8s.io/v1.PatchOptions`.
type: object
x-kubernetes-preserve-unknown-fields: true
requestKind:
description: "RequestKind is the fully-qualified type
of the original API request (for example, v1.Pod or
autoscaling.v1.Scale). If this is specified and differs
from the value in \"kind\", an equivalent match and
conversion was performed. \n For example, if deployments
can be modified via apps/v1 and apps/v1beta1, and a
webhook registered a rule of `apiGroups:[\"apps\"],
apiVersions:[\"v1\"], resources: [\"deployments\"]`
and `matchPolicy: Equivalent`, an API request to apps/v1beta1
deployments would be converted and sent to the webhook
with `kind: {group:\"apps\", version:\"v1\", kind:\"Deployment\"}`
(matching the rule the webhook registered for), and
`requestKind: {group:\"apps\", version:\"v1beta1\",
kind:\"Deployment\"}` (indicating the kind of the original
API request). \n See documentation for the \"matchPolicy\"
field in the webhook configuration type for more details."
properties:
group:
type: string
kind:
type: string
version:
type: string
required:
- group
- kind
- version
type: object
requestResource:
description: "RequestResource is the fully-qualified resource
of the original API request (for example, v1.pods).
If this is specified and differs from the value in \"resource\",
an equivalent match and conversion was performed. \n
For example, if deployments can be modified via apps/v1
and apps/v1beta1, and a webhook registered a rule of
`apiGroups:[\"apps\"], apiVersions:[\"v1\"], resources:
[\"deployments\"]` and `matchPolicy: Equivalent`, an
API request to apps/v1beta1 deployments would be converted
and sent to the webhook with `resource: {group:\"apps\",
version:\"v1\", resource:\"deployments\"}` (matching
the resource the webhook registered for), and `requestResource:
{group:\"apps\", version:\"v1beta1\", resource:\"deployments\"}`
(indicating the resource of the original API request).
\n See documentation for the \"matchPolicy\" field in
the webhook configuration type."
properties:
group:
type: string
resource:
type: string
version:
type: string
required:
- group
- resource
- version
type: object
requestSubResource:
description: RequestSubResource is the name of the subresource
of the original API request, if any (for example, "status"
or "scale") If this is specified and differs from the
value in "subResource", an equivalent match and conversion
was performed. See documentation for the "matchPolicy"
field in the webhook configuration type.
type: string
resource:
description: Resource is the fully-qualified resource
being requested (for example, v1.pods)
properties:
group:
type: string
resource:
type: string
version:
type: string
required:
- group
- resource
- version
type: object
subResource:
description: SubResource is the subresource being requested,
if any (for example, "status" or "scale")
type: string
uid:
description: UID is an identifier for the individual request/response.
It allows us to distinguish instances of requests which
are otherwise identical (parallel requests, requests
when earlier requests did not modify etc) The UID is
meant to track the round trip (request/response) between
the KAS and the WebHook, not the user request. It is
suitable for correlating log entries between the webhook
and apiserver, for either auditing or debugging.
type: string
userInfo:
description: UserInfo is information about the requesting
user
properties:
extra:
additionalProperties:
description: ExtraValue masks the value so protobuf
can generate
items:
type: string
type: array
description: Any additional information provided by
the authenticator.
type: object
groups:
description: The names of groups this user is a part
of.
items:
type: string
type: array
uid:
description: A unique value that identifies this user
across time. If this user is deleted and another
user by the same name is added, they will have different
UIDs.
type: string
username:
description: The name that uniquely identifies this
user among all active users.
type: string
type: object
required:
- kind
- operation
- resource
- uid
- userInfo
type: object
operation:
description: Operation is the type of resource operation being
checked for admission control
type: string
type: object
userInfo:
description: RequestInfo contains permission info carried in an
admission request.
properties:
clusterRoles:
description: ClusterRoles is a list of possible clusterRoles
send the request.
items:
type: string
nullable: true
type: array
roles:
description: Roles is a list of possible role send the request.
items:
type: string
nullable: true
type: array
userInfo:
description: UserInfo is the userInfo carried in the admission
request.
properties:
extra:
additionalProperties:
description: ExtraValue masks the value so protobuf
can generate
items:
type: string
type: array
description: Any additional information provided by the
authenticator.
type: object
groups:
description: The names of groups this user is a part of.
items:
type: string
type: array
uid:
description: A unique value that identifies this user
across time. If this user is deleted and another user
by the same name is added, they will have different
UIDs.
type: string
username:
description: The name that uniquely identifies this user
among all active users.
type: string
type: object
type: object
type: object
deleteDownstream:
description: DeleteDownstream represents whether the downstream needs
to be deleted.
type: boolean
policy:
description: Specifies the name of the policy.
type: string
requestType:
description: Type represents request type for background processing
enum:
- mutate
- generate
type: string
resource:
description: ResourceSpec is the information to identify the trigger
resource.
properties:
apiVersion:
description: APIVersion specifies resource apiVersion.
type: string
kind:
description: Kind specifies resource kind.
type: string
name:
description: Name specifies the resource name.
type: string
namespace:
description: Namespace specifies resource namespace.
type: string
uid:
description: UID specifies the resource uid.
type: string
type: object
rule:
description: Rule is the associate rule name of the current UR.
type: string
synchronize:
description: Synchronize represents the sync behavior of the corresponding
rule Optional. Defaults to "false" if not specified.
type: boolean
required:
- context
- deleteDownstream
- policy
- resource
- rule
type: object
status:
description: Status contains statistics related to update request.
properties:
generatedResources:
description: This will track the resources that are updated by the
generate Policy. Will be used during clean up resources.
items:
properties:
apiVersion:
description: APIVersion specifies resource apiVersion.
type: string
kind:
description: Kind specifies resource kind.
type: string
name:
description: Name specifies the resource name.
type: string
namespace:
description: Namespace specifies resource namespace.
type: string
uid:
description: UID specifies the resource uid.
type: string
type: object
type: array
message:
description: Specifies request status message.
type: string
retryCount:
type: integer
state:
description: State represents state of the update request.
type: string
required:
- state
type: object
type: object
served: true
storage: false
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition

508
docs/user/crd/index.html
View file

@ -3240,7 +3240,9 @@ ResourceDescription
<a href="#kyverno.io/v1.Generation">Generation</a>,
<a href="#kyverno.io/v1.TargetResourceSpec">TargetResourceSpec</a>,
<a href="#kyverno.io/v1beta1.UpdateRequestSpec">UpdateRequestSpec</a>,
<a href="#kyverno.io/v1beta1.UpdateRequestStatus">UpdateRequestStatus</a>)
<a href="#kyverno.io/v1beta1.UpdateRequestStatus">UpdateRequestStatus</a>,
<a href="#kyverno.io/v2.UpdateRequestSpec">UpdateRequestSpec</a>,
<a href="#kyverno.io/v2.UpdateRequestStatus">UpdateRequestStatus</a>)
</p>
<p>
</p>
@ -5345,6 +5347,8 @@ Resource Types:
<a href="#kyverno.io/v2.ClusterCleanupPolicy">ClusterCleanupPolicy</a>
</li><li>
<a href="#kyverno.io/v2.PolicyException">PolicyException</a>
</li><li>
<a href="#kyverno.io/v2.UpdateRequest">UpdateRequest</a>
</li></ul>
<hr />
<h3 id="kyverno.io/v2.AdmissionReport">AdmissionReport
@ -6153,6 +6157,168 @@ set of conditions. The declaration can contain nested <code>any</code> or <code>
</tbody>
</table>
<hr />
<h3 id="kyverno.io/v2.UpdateRequest">UpdateRequest
</h3>
<p>
<p>UpdateRequest is a request to process mutate and generate rules in background.</p>
</p>
<table class="table table-striped">
<thead class="thead-dark">
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>
<code>apiVersion</code><br/>
string</td>
<td>
<code>
kyverno.io/v2
</code>
</td>
</tr>
<tr>
<td>
<code>kind</code><br/>
string
</td>
<td><code>UpdateRequest</code></td>
</tr>
<tr>
<td>
<code>metadata</code><br/>
<em>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta">
Kubernetes meta/v1.ObjectMeta
</a>
</em>
</td>
<td>
Refer to the Kubernetes API documentation for the fields of the
<code>metadata</code> field.
</td>
</tr>
<tr>
<td>
<code>spec</code><br/>
<em>
<a href="#kyverno.io/v2.UpdateRequestSpec">
UpdateRequestSpec
</a>
</em>
</td>
<td>
<p>ResourceSpec is the information to identify the trigger resource.</p>
<br/>
<br/>
<table class="table table-striped">
<tr>
<td>
<code>requestType</code><br/>
<em>
<a href="#kyverno.io/v2.RequestType">
RequestType
</a>
</em>
</td>
<td>
<p>Type represents request type for background processing</p>
</td>
</tr>
<tr>
<td>
<code>policy</code><br/>
<em>
string
</em>
</td>
<td>
<p>Specifies the name of the policy.</p>
</td>
</tr>
<tr>
<td>
<code>rule</code><br/>
<em>
string
</em>
</td>
<td>
<p>Rule is the associate rule name of the current UR.</p>
</td>
</tr>
<tr>
<td>
<code>deleteDownstream</code><br/>
<em>
bool
</em>
</td>
<td>
<p>DeleteDownstream represents whether the downstream needs to be deleted.</p>
</td>
</tr>
<tr>
<td>
<code>synchronize</code><br/>
<em>
bool
</em>
</td>
<td>
<p>Synchronize represents the sync behavior of the corresponding rule
Optional. Defaults to &ldquo;false&rdquo; if not specified.</p>
</td>
</tr>
<tr>
<td>
<code>resource</code><br/>
<em>
<a href="#kyverno.io/v1.ResourceSpec">
ResourceSpec
</a>
</em>
</td>
<td>
<p>ResourceSpec is the information to identify the trigger resource.</p>
</td>
</tr>
<tr>
<td>
<code>context</code><br/>
<em>
<a href="#kyverno.io/v2.UpdateRequestSpecContext">
UpdateRequestSpecContext
</a>
</em>
</td>
<td>
<p>Context &hellip;</p>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<code>status</code><br/>
<em>
<a href="#kyverno.io/v2.UpdateRequestStatus">
UpdateRequestStatus
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Status contains statistics related to update request.</p>
</td>
</tr>
</tbody>
</table>
<hr />
<h3 id="kyverno.io/v2.AdmissionReportSpec">AdmissionReportSpec
</h3>
<p>
@ -6216,6 +6382,52 @@ PolicyReportSummary
</tbody>
</table>
<hr />
<h3 id="kyverno.io/v2.AdmissionRequestInfoObject">AdmissionRequestInfoObject
</h3>
<p>
(<em>Appears on:</em>
<a href="#kyverno.io/v2.UpdateRequestSpecContext">UpdateRequestSpecContext</a>)
</p>
<p>
<p>AdmissionRequestInfoObject stores the admission request and operation details</p>
</p>
<table class="table table-striped">
<thead class="thead-dark">
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>
<code>admissionRequest</code><br/>
<em>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#admissionrequest-v1-admission">
Kubernetes admission/v1.AdmissionRequest
</a>
</em>
</td>
<td>
<em>(Optional)</em>
</td>
</tr>
<tr>
<td>
<code>operation</code><br/>
<em>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#operation-v1-admission">
Kubernetes admission/v1.Operation
</a>
</em>
</td>
<td>
<em>(Optional)</em>
</td>
</tr>
</tbody>
</table>
<hr />
<h3 id="kyverno.io/v2.AnyAllConditions">AnyAllConditions
</h3>
<p>
@ -6707,6 +6919,300 @@ set of conditions. The declaration can contain nested <code>any</code> or <code>
</tbody>
</table>
<hr />
<h3 id="kyverno.io/v2.RequestInfo">RequestInfo
</h3>
<p>
(<em>Appears on:</em>
<a href="#kyverno.io/v2.UpdateRequestSpecContext">UpdateRequestSpecContext</a>)
</p>
<p>
<p>RequestInfo contains permission info carried in an admission request.</p>
</p>
<table class="table table-striped">
<thead class="thead-dark">
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>
<code>roles</code><br/>
<em>
[]string
</em>
</td>
<td>
<em>(Optional)</em>
<p>Roles is a list of possible role send the request.</p>
</td>
</tr>
<tr>
<td>
<code>clusterRoles</code><br/>
<em>
[]string
</em>
</td>
<td>
<em>(Optional)</em>
<p>ClusterRoles is a list of possible clusterRoles send the request.</p>
</td>
</tr>
<tr>
<td>
<code>userInfo</code><br/>
<em>
<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#userinfo-v1-authentication">
Kubernetes authentication/v1.UserInfo
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>UserInfo is the userInfo carried in the admission request.</p>
</td>
</tr>
</tbody>
</table>
<hr />
<h3 id="kyverno.io/v2.RequestType">RequestType
(<code>string</code> alias)</p></h3>
<p>
(<em>Appears on:</em>
<a href="#kyverno.io/v2.UpdateRequestSpec">UpdateRequestSpec</a>)
</p>
<p>
</p>
<h3 id="kyverno.io/v2.UpdateRequestSpec">UpdateRequestSpec
</h3>
<p>
(<em>Appears on:</em>
<a href="#kyverno.io/v2.UpdateRequest">UpdateRequest</a>)
</p>
<p>
<p>UpdateRequestSpec stores the request specification.</p>
</p>
<table class="table table-striped">
<thead class="thead-dark">
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>
<code>requestType</code><br/>
<em>
<a href="#kyverno.io/v2.RequestType">
RequestType
</a>
</em>
</td>
<td>
<p>Type represents request type for background processing</p>
</td>
</tr>
<tr>
<td>
<code>policy</code><br/>
<em>
string
</em>
</td>
<td>
<p>Specifies the name of the policy.</p>
</td>
</tr>
<tr>
<td>
<code>rule</code><br/>
<em>
string
</em>
</td>
<td>
<p>Rule is the associate rule name of the current UR.</p>
</td>
</tr>
<tr>
<td>
<code>deleteDownstream</code><br/>
<em>
bool
</em>
</td>
<td>
<p>DeleteDownstream represents whether the downstream needs to be deleted.</p>
</td>
</tr>
<tr>
<td>
<code>synchronize</code><br/>
<em>
bool
</em>
</td>
<td>
<p>Synchronize represents the sync behavior of the corresponding rule
Optional. Defaults to &ldquo;false&rdquo; if not specified.</p>
</td>
</tr>
<tr>
<td>
<code>resource</code><br/>
<em>
<a href="#kyverno.io/v1.ResourceSpec">
ResourceSpec
</a>
</em>
</td>
<td>
<p>ResourceSpec is the information to identify the trigger resource.</p>
</td>
</tr>
<tr>
<td>
<code>context</code><br/>
<em>
<a href="#kyverno.io/v2.UpdateRequestSpecContext">
UpdateRequestSpecContext
</a>
</em>
</td>
<td>
<p>Context &hellip;</p>
</td>
</tr>
</tbody>
</table>
<hr />
<h3 id="kyverno.io/v2.UpdateRequestSpecContext">UpdateRequestSpecContext
</h3>
<p>
(<em>Appears on:</em>
<a href="#kyverno.io/v2.UpdateRequestSpec">UpdateRequestSpec</a>)
</p>
<p>
<p>UpdateRequestSpecContext stores the context to be shared.</p>
</p>
<table class="table table-striped">
<thead class="thead-dark">
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>
<code>userInfo</code><br/>
<em>
<a href="#kyverno.io/v2.RequestInfo">
RequestInfo
</a>
</em>
</td>
<td>
<em>(Optional)</em>
</td>
</tr>
<tr>
<td>
<code>admissionRequestInfo</code><br/>
<em>
<a href="#kyverno.io/v2.AdmissionRequestInfoObject">
AdmissionRequestInfoObject
</a>
</em>
</td>
<td>
<em>(Optional)</em>
</td>
</tr>
</tbody>
</table>
<hr />
<h3 id="kyverno.io/v2.UpdateRequestState">UpdateRequestState
(<code>string</code> alias)</p></h3>
<p>
(<em>Appears on:</em>
<a href="#kyverno.io/v2.UpdateRequestStatus">UpdateRequestStatus</a>)
</p>
<p>
<p>UpdateRequestState defines the state of request.</p>
</p>
<h3 id="kyverno.io/v2.UpdateRequestStatus">UpdateRequestStatus
</h3>
<p>
(<em>Appears on:</em>
<a href="#kyverno.io/v2.UpdateRequest">UpdateRequest</a>)
</p>
<p>
<p>UpdateRequestStatus defines the observed state of UpdateRequest</p>
</p>
<table class="table table-striped">
<thead class="thead-dark">
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>
<code>state</code><br/>
<em>
<a href="#kyverno.io/v2.UpdateRequestState">
UpdateRequestState
</a>
</em>
</td>
<td>
<p>State represents state of the update request.</p>
</td>
</tr>
<tr>
<td>
<code>message</code><br/>
<em>
string
</em>
</td>
<td>
<em>(Optional)</em>
<p>Specifies request status message.</p>
</td>
</tr>
<tr>
<td>
<code>generatedResources</code><br/>
<em>
<a href="#kyverno.io/v1.ResourceSpec">
[]ResourceSpec
</a>
</em>
</td>
<td>
<p>This will track the resources that are updated by the generate Policy.
Will be used during clean up resources.</p>
</td>
</tr>
<tr>
<td>
<code>retryCount</code><br/>
<em>
int
</em>
</td>
<td>
</td>
</tr>
</tbody>
</table>
<hr />
<h2 id="kyverno.io/v2alpha1">kyverno.io/v2alpha1</h2>
<p>
</p>

52
pkg/client/applyconfigurations/kyverno/v2/admissionrequestinfoobject.go Normal file
View file

@ -0,0 +1,52 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by applyconfiguration-gen. DO NOT EDIT.
package v2
import (
v1 "k8s.io/api/admission/v1"
)
// AdmissionRequestInfoObjectApplyConfiguration represents an declarative configuration of the AdmissionRequestInfoObject type for use
// with apply.
type AdmissionRequestInfoObjectApplyConfiguration struct {
AdmissionRequest *v1.AdmissionRequest `json:"admissionRequest,omitempty"`
Operation *v1.Operation `json:"operation,omitempty"`
}
// AdmissionRequestInfoObjectApplyConfiguration constructs an declarative configuration of the AdmissionRequestInfoObject type for use with
// apply.
func AdmissionRequestInfoObject() *AdmissionRequestInfoObjectApplyConfiguration {
return &AdmissionRequestInfoObjectApplyConfiguration{}
}
// WithAdmissionRequest sets the AdmissionRequest field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the AdmissionRequest field is set to the value of the last call.
func (b *AdmissionRequestInfoObjectApplyConfiguration) WithAdmissionRequest(value v1.AdmissionRequest) *AdmissionRequestInfoObjectApplyConfiguration {
b.AdmissionRequest = &value
return b
}
// WithOperation sets the Operation field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Operation field is set to the value of the last call.
func (b *AdmissionRequestInfoObjectApplyConfiguration) WithOperation(value v1.Operation) *AdmissionRequestInfoObjectApplyConfiguration {
b.Operation = &value
return b
}

65
pkg/client/applyconfigurations/kyverno/v2/requestinfo.go Normal file
View file

@ -0,0 +1,65 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by applyconfiguration-gen. DO NOT EDIT.
package v2
import (
v1 "k8s.io/api/authentication/v1"
)
// RequestInfoApplyConfiguration represents an declarative configuration of the RequestInfo type for use
// with apply.
type RequestInfoApplyConfiguration struct {
Roles []string `json:"roles,omitempty"`
ClusterRoles []string `json:"clusterRoles,omitempty"`
AdmissionUserInfo *v1.UserInfo `json:"userInfo,omitempty"`
}
// RequestInfoApplyConfiguration constructs an declarative configuration of the RequestInfo type for use with
// apply.
func RequestInfo() *RequestInfoApplyConfiguration {
return &RequestInfoApplyConfiguration{}
}
// WithRoles adds the given value to the Roles field in the declarative configuration
// and returns the receiver, so that objects can be build by chaining "With" function invocations.
// If called multiple times, values provided by each call will be appended to the Roles field.
func (b *RequestInfoApplyConfiguration) WithRoles(values ...string) *RequestInfoApplyConfiguration {
for i := range values {
b.Roles = append(b.Roles, values[i])
}
return b
}
// WithClusterRoles adds the given value to the ClusterRoles field in the declarative configuration
// and returns the receiver, so that objects can be build by chaining "With" function invocations.
// If called multiple times, values provided by each call will be appended to the ClusterRoles field.
func (b *RequestInfoApplyConfiguration) WithClusterRoles(values ...string) *RequestInfoApplyConfiguration {
for i := range values {
b.ClusterRoles = append(b.ClusterRoles, values[i])
}
return b
}
// WithAdmissionUserInfo sets the AdmissionUserInfo field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the AdmissionUserInfo field is set to the value of the last call.
func (b *RequestInfoApplyConfiguration) WithAdmissionUserInfo(value v1.UserInfo) *RequestInfoApplyConfiguration {
b.AdmissionUserInfo = &value
return b
}

219
pkg/client/applyconfigurations/kyverno/v2/updaterequest.go Normal file
View file

@ -0,0 +1,219 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by applyconfiguration-gen. DO NOT EDIT.
package v2
import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
v1 "k8s.io/client-go/applyconfigurations/meta/v1"
)
// UpdateRequestApplyConfiguration represents an declarative configuration of the UpdateRequest type for use
// with apply.
type UpdateRequestApplyConfiguration struct {
v1.TypeMetaApplyConfiguration `json:",inline"`
*v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"`
Spec *UpdateRequestSpecApplyConfiguration `json:"spec,omitempty"`
Status *UpdateRequestStatusApplyConfiguration `json:"status,omitempty"`
}
// UpdateRequest constructs an declarative configuration of the UpdateRequest type for use with
// apply.
func UpdateRequest(name, namespace string) *UpdateRequestApplyConfiguration {
b := &UpdateRequestApplyConfiguration{}
b.WithName(name)
b.WithNamespace(namespace)
b.WithKind("UpdateRequest")
b.WithAPIVersion("kyverno.io/v2")
return b
}
// WithKind sets the Kind field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Kind field is set to the value of the last call.
func (b *UpdateRequestApplyConfiguration) WithKind(value string) *UpdateRequestApplyConfiguration {
b.Kind = &value
return b
}
// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the APIVersion field is set to the value of the last call.
func (b *UpdateRequestApplyConfiguration) WithAPIVersion(value string) *UpdateRequestApplyConfiguration {
b.APIVersion = &value
return b
}
// WithName sets the Name field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Name field is set to the value of the last call.
func (b *UpdateRequestApplyConfiguration) WithName(value string) *UpdateRequestApplyConfiguration {
b.ensureObjectMetaApplyConfigurationExists()
b.Name = &value
return b
}
// WithGenerateName sets the GenerateName field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the GenerateName field is set to the value of the last call.
func (b *UpdateRequestApplyConfiguration) WithGenerateName(value string) *UpdateRequestApplyConfiguration {
b.ensureObjectMetaApplyConfigurationExists()
b.GenerateName = &value
return b
}
// WithNamespace sets the Namespace field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Namespace field is set to the value of the last call.
func (b *UpdateRequestApplyConfiguration) WithNamespace(value string) *UpdateRequestApplyConfiguration {
b.ensureObjectMetaApplyConfigurationExists()
b.Namespace = &value
return b
}
// WithUID sets the UID field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the UID field is set to the value of the last call.
func (b *UpdateRequestApplyConfiguration) WithUID(value types.UID) *UpdateRequestApplyConfiguration {
b.ensureObjectMetaApplyConfigurationExists()
b.UID = &value
return b
}
// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the ResourceVersion field is set to the value of the last call.
func (b *UpdateRequestApplyConfiguration) WithResourceVersion(value string) *UpdateRequestApplyConfiguration {
b.ensureObjectMetaApplyConfigurationExists()
b.ResourceVersion = &value
return b
}
// WithGeneration sets the Generation field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Generation field is set to the value of the last call.
func (b *UpdateRequestApplyConfiguration) WithGeneration(value int64) *UpdateRequestApplyConfiguration {
b.ensureObjectMetaApplyConfigurationExists()
b.Generation = &value
return b
}
// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the CreationTimestamp field is set to the value of the last call.
func (b *UpdateRequestApplyConfiguration) WithCreationTimestamp(value metav1.Time) *UpdateRequestApplyConfiguration {
b.ensureObjectMetaApplyConfigurationExists()
b.CreationTimestamp = &value
return b
}
// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the DeletionTimestamp field is set to the value of the last call.
func (b *UpdateRequestApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *UpdateRequestApplyConfiguration {
b.ensureObjectMetaApplyConfigurationExists()
b.DeletionTimestamp = &value
return b
}
// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call.
func (b *UpdateRequestApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *UpdateRequestApplyConfiguration {
b.ensureObjectMetaApplyConfigurationExists()
b.DeletionGracePeriodSeconds = &value
return b
}
// WithLabels puts the entries into the Labels field in the declarative configuration
// and returns the receiver, so that objects can be build by chaining "With" function invocations.
// If called multiple times, the entries provided by each call will be put on the Labels field,
// overwriting an existing map entries in Labels field with the same key.
func (b *UpdateRequestApplyConfiguration) WithLabels(entries map[string]string) *UpdateRequestApplyConfiguration {
b.ensureObjectMetaApplyConfigurationExists()
if b.Labels == nil && len(entries) > 0 {
b.Labels = make(map[string]string, len(entries))
}
for k, v := range entries {
b.Labels[k] = v
}
return b
}
// WithAnnotations puts the entries into the Annotations field in the declarative configuration
// and returns the receiver, so that objects can be build by chaining "With" function invocations.
// If called multiple times, the entries provided by each call will be put on the Annotations field,
// overwriting an existing map entries in Annotations field with the same key.
func (b *UpdateRequestApplyConfiguration) WithAnnotations(entries map[string]string) *UpdateRequestApplyConfiguration {
b.ensureObjectMetaApplyConfigurationExists()
if b.Annotations == nil && len(entries) > 0 {
b.Annotations = make(map[string]string, len(entries))
}
for k, v := range entries {
b.Annotations[k] = v
}
return b
}
// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration
// and returns the receiver, so that objects can be build by chaining "With" function invocations.
// If called multiple times, values provided by each call will be appended to the OwnerReferences field.
func (b *UpdateRequestApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *UpdateRequestApplyConfiguration {
b.ensureObjectMetaApplyConfigurationExists()
for i := range values {
if values[i] == nil {
panic("nil value passed to WithOwnerReferences")
}
b.OwnerReferences = append(b.OwnerReferences, *values[i])
}
return b
}
// WithFinalizers adds the given value to the Finalizers field in the declarative configuration
// and returns the receiver, so that objects can be build by chaining "With" function invocations.
// If called multiple times, values provided by each call will be appended to the Finalizers field.
func (b *UpdateRequestApplyConfiguration) WithFinalizers(values ...string) *UpdateRequestApplyConfiguration {
b.ensureObjectMetaApplyConfigurationExists()
for i := range values {
b.Finalizers = append(b.Finalizers, values[i])
}
return b
}
func (b *UpdateRequestApplyConfiguration) ensureObjectMetaApplyConfigurationExists() {
if b.ObjectMetaApplyConfiguration == nil {
b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{}
}
}
// WithSpec sets the Spec field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Spec field is set to the value of the last call.
func (b *UpdateRequestApplyConfiguration) WithSpec(value *UpdateRequestSpecApplyConfiguration) *UpdateRequestApplyConfiguration {
b.Spec = value
return b
}
// WithStatus sets the Status field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Status field is set to the value of the last call.
func (b *UpdateRequestApplyConfiguration) WithStatus(value *UpdateRequestStatusApplyConfiguration) *UpdateRequestApplyConfiguration {
b.Status = value
return b
}

98
pkg/client/applyconfigurations/kyverno/v2/updaterequestspec.go Normal file
View file

@ -0,0 +1,98 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by applyconfiguration-gen. DO NOT EDIT.
package v2
import (
v2 "github.com/kyverno/kyverno/api/kyverno/v2"
v1 "github.com/kyverno/kyverno/pkg/client/applyconfigurations/kyverno/v1"
)
// UpdateRequestSpecApplyConfiguration represents an declarative configuration of the UpdateRequestSpec type for use
// with apply.
type UpdateRequestSpecApplyConfiguration struct {
Type *v2.RequestType `json:"requestType,omitempty"`
Policy *string `json:"policy,omitempty"`
Rule *string `json:"rule,omitempty"`
DeleteDownstream *bool `json:"deleteDownstream,omitempty"`
Synchronize *bool `json:"synchronize,omitempty"`
Resource *v1.ResourceSpecApplyConfiguration `json:"resource,omitempty"`
Context *UpdateRequestSpecContextApplyConfiguration `json:"context,omitempty"`
}
// UpdateRequestSpecApplyConfiguration constructs an declarative configuration of the UpdateRequestSpec type for use with
// apply.
func UpdateRequestSpec() *UpdateRequestSpecApplyConfiguration {
return &UpdateRequestSpecApplyConfiguration{}
}
// WithType sets the Type field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Type field is set to the value of the last call.
func (b *UpdateRequestSpecApplyConfiguration) WithType(value v2.RequestType) *UpdateRequestSpecApplyConfiguration {
b.Type = &value
return b
}
// WithPolicy sets the Policy field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Policy field is set to the value of the last call.
func (b *UpdateRequestSpecApplyConfiguration) WithPolicy(value string) *UpdateRequestSpecApplyConfiguration {
b.Policy = &value
return b
}
// WithRule sets the Rule field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Rule field is set to the value of the last call.
func (b *UpdateRequestSpecApplyConfiguration) WithRule(value string) *UpdateRequestSpecApplyConfiguration {
b.Rule = &value
return b
}
// WithDeleteDownstream sets the DeleteDownstream field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the DeleteDownstream field is set to the value of the last call.
func (b *UpdateRequestSpecApplyConfiguration) WithDeleteDownstream(value bool) *UpdateRequestSpecApplyConfiguration {
b.DeleteDownstream = &value
return b
}
// WithSynchronize sets the Synchronize field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Synchronize field is set to the value of the last call.
func (b *UpdateRequestSpecApplyConfiguration) WithSynchronize(value bool) *UpdateRequestSpecApplyConfiguration {
b.Synchronize = &value
return b
}
// WithResource sets the Resource field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Resource field is set to the value of the last call.
func (b *UpdateRequestSpecApplyConfiguration) WithResource(value *v1.ResourceSpecApplyConfiguration) *UpdateRequestSpecApplyConfiguration {
b.Resource = value
return b
}
// WithContext sets the Context field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Context field is set to the value of the last call.
func (b *UpdateRequestSpecApplyConfiguration) WithContext(value *UpdateRequestSpecContextApplyConfiguration) *UpdateRequestSpecApplyConfiguration {
b.Context = value
return b
}

48
pkg/client/applyconfigurations/kyverno/v2/updaterequestspeccontext.go Normal file
View file

@ -0,0 +1,48 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by applyconfiguration-gen. DO NOT EDIT.
package v2
// UpdateRequestSpecContextApplyConfiguration represents an declarative configuration of the UpdateRequestSpecContext type for use
// with apply.
type UpdateRequestSpecContextApplyConfiguration struct {
UserRequestInfo *RequestInfoApplyConfiguration `json:"userInfo,omitempty"`
AdmissionRequestInfo *AdmissionRequestInfoObjectApplyConfiguration `json:"admissionRequestInfo,omitempty"`
}
// UpdateRequestSpecContextApplyConfiguration constructs an declarative configuration of the UpdateRequestSpecContext type for use with
// apply.
func UpdateRequestSpecContext() *UpdateRequestSpecContextApplyConfiguration {
return &UpdateRequestSpecContextApplyConfiguration{}
}
// WithUserRequestInfo sets the UserRequestInfo field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the UserRequestInfo field is set to the value of the last call.
func (b *UpdateRequestSpecContextApplyConfiguration) WithUserRequestInfo(value *RequestInfoApplyConfiguration) *UpdateRequestSpecContextApplyConfiguration {
b.UserRequestInfo = value
return b
}
// WithAdmissionRequestInfo sets the AdmissionRequestInfo field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the AdmissionRequestInfo field is set to the value of the last call.
func (b *UpdateRequestSpecContextApplyConfiguration) WithAdmissionRequestInfo(value *AdmissionRequestInfoObjectApplyConfiguration) *UpdateRequestSpecContextApplyConfiguration {
b.AdmissionRequestInfo = value
return b
}

76
pkg/client/applyconfigurations/kyverno/v2/updaterequeststatus.go Normal file
View file

@ -0,0 +1,76 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by applyconfiguration-gen. DO NOT EDIT.
package v2
import (
v2 "github.com/kyverno/kyverno/api/kyverno/v2"
v1 "github.com/kyverno/kyverno/pkg/client/applyconfigurations/kyverno/v1"
)
// UpdateRequestStatusApplyConfiguration represents an declarative configuration of the UpdateRequestStatus type for use
// with apply.
type UpdateRequestStatusApplyConfiguration struct {
State *v2.UpdateRequestState `json:"state,omitempty"`
Message *string `json:"message,omitempty"`
GeneratedResources []v1.ResourceSpecApplyConfiguration `json:"generatedResources,omitempty"`
RetryCount *int `json:"retryCount,omitempty"`
}
// UpdateRequestStatusApplyConfiguration constructs an declarative configuration of the UpdateRequestStatus type for use with
// apply.
func UpdateRequestStatus() *UpdateRequestStatusApplyConfiguration {
return &UpdateRequestStatusApplyConfiguration{}
}
// WithState sets the State field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the State field is set to the value of the last call.
func (b *UpdateRequestStatusApplyConfiguration) WithState(value v2.UpdateRequestState) *UpdateRequestStatusApplyConfiguration {
b.State = &value
return b
}
// WithMessage sets the Message field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the Message field is set to the value of the last call.
func (b *UpdateRequestStatusApplyConfiguration) WithMessage(value string) *UpdateRequestStatusApplyConfiguration {
b.Message = &value
return b
}
// WithGeneratedResources adds the given value to the GeneratedResources field in the declarative configuration
// and returns the receiver, so that objects can be build by chaining "With" function invocations.
// If called multiple times, values provided by each call will be appended to the GeneratedResources field.
func (b *UpdateRequestStatusApplyConfiguration) WithGeneratedResources(values ...*v1.ResourceSpecApplyConfiguration) *UpdateRequestStatusApplyConfiguration {
for i := range values {
if values[i] == nil {
panic("nil value passed to WithGeneratedResources")
}
b.GeneratedResources = append(b.GeneratedResources, *values[i])
}
return b
}
// WithRetryCount sets the RetryCount field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the RetryCount field is set to the value of the last call.
func (b *UpdateRequestStatusApplyConfiguration) WithRetryCount(value int) *UpdateRequestStatusApplyConfiguration {
b.RetryCount = &value
return b
}

12
pkg/client/applyconfigurations/utils.go
View file

@ -171,6 +171,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
return &kyvernov2.AdmissionReportApplyConfiguration{}
case v2.SchemeGroupVersion.WithKind("AdmissionReportSpec"):
return &kyvernov2.AdmissionReportSpecApplyConfiguration{}
case v2.SchemeGroupVersion.WithKind("AdmissionRequestInfoObject"):
return &kyvernov2.AdmissionRequestInfoObjectApplyConfiguration{}
case v2.SchemeGroupVersion.WithKind("AnyAllConditions"):
return &kyvernov2.AnyAllConditionsApplyConfiguration{}
case v2.SchemeGroupVersion.WithKind("BackgroundScanReport"):
@ -199,6 +201,16 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
return &kyvernov2.PolicyExceptionApplyConfiguration{}
case v2.SchemeGroupVersion.WithKind("PolicyExceptionSpec"):
return &kyvernov2.PolicyExceptionSpecApplyConfiguration{}
case v2.SchemeGroupVersion.WithKind("RequestInfo"):
return &kyvernov2.RequestInfoApplyConfiguration{}
case v2.SchemeGroupVersion.WithKind("UpdateRequest"):
return &kyvernov2.UpdateRequestApplyConfiguration{}
case v2.SchemeGroupVersion.WithKind("UpdateRequestSpec"):
return &kyvernov2.UpdateRequestSpecApplyConfiguration{}
case v2.SchemeGroupVersion.WithKind("UpdateRequestSpecContext"):
return &kyvernov2.UpdateRequestSpecContextApplyConfiguration{}
case v2.SchemeGroupVersion.WithKind("UpdateRequestStatus"):
return &kyvernov2.UpdateRequestStatusApplyConfiguration{}
// Group=kyverno.io, Version=v2alpha1
case v2alpha1.SchemeGroupVersion.WithKind("CleanupPolicy"):

4
pkg/client/clientset/versioned/typed/kyverno/v2/fake/fake_kyverno_client.go
View file

@ -56,6 +56,10 @@ func (c *FakeKyvernoV2) PolicyExceptions(namespace string) v2.PolicyExceptionInt
return &FakePolicyExceptions{c, namespace}
}
func (c *FakeKyvernoV2) UpdateRequests(namespace string) v2.UpdateRequestInterface {
return &FakeUpdateRequests{c, namespace}
}
// RESTClient returns a RESTClient that is used to communicate
// with API server by this client implementation.
func (c *FakeKyvernoV2) RESTClient() rest.Interface {

141
pkg/client/clientset/versioned/typed/kyverno/v2/fake/fake_updaterequest.go Normal file
View file

@ -0,0 +1,141 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v2 "github.com/kyverno/kyverno/api/kyverno/v2"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeUpdateRequests implements UpdateRequestInterface
type FakeUpdateRequests struct {
Fake *FakeKyvernoV2
ns string
}
var updaterequestsResource = v2.SchemeGroupVersion.WithResource("updaterequests")
var updaterequestsKind = v2.SchemeGroupVersion.WithKind("UpdateRequest")
// Get takes name of the updateRequest, and returns the corresponding updateRequest object, and an error if there is any.
func (c *FakeUpdateRequests) Get(ctx context.Context, name string, options v1.GetOptions) (result *v2.UpdateRequest, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(updaterequestsResource, c.ns, name), &v2.UpdateRequest{})
if obj == nil {
return nil, err
}
return obj.(*v2.UpdateRequest), err
}
// List takes label and field selectors, and returns the list of UpdateRequests that match those selectors.
func (c *FakeUpdateRequests) List(ctx context.Context, opts v1.ListOptions) (result *v2.UpdateRequestList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(updaterequestsResource, updaterequestsKind, c.ns, opts), &v2.UpdateRequestList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v2.UpdateRequestList{ListMeta: obj.(*v2.UpdateRequestList).ListMeta}
for _, item := range obj.(*v2.UpdateRequestList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested updateRequests.
func (c *FakeUpdateRequests) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(updaterequestsResource, c.ns, opts))
}
// Create takes the representation of a updateRequest and creates it. Returns the server's representation of the updateRequest, and an error, if there is any.
func (c *FakeUpdateRequests) Create(ctx context.Context, updateRequest *v2.UpdateRequest, opts v1.CreateOptions) (result *v2.UpdateRequest, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(updaterequestsResource, c.ns, updateRequest), &v2.UpdateRequest{})
if obj == nil {
return nil, err
}
return obj.(*v2.UpdateRequest), err
}
// Update takes the representation of a updateRequest and updates it. Returns the server's representation of the updateRequest, and an error, if there is any.
func (c *FakeUpdateRequests) Update(ctx context.Context, updateRequest *v2.UpdateRequest, opts v1.UpdateOptions) (result *v2.UpdateRequest, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(updaterequestsResource, c.ns, updateRequest), &v2.UpdateRequest{})
if obj == nil {
return nil, err
}
return obj.(*v2.UpdateRequest), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeUpdateRequests) UpdateStatus(ctx context.Context, updateRequest *v2.UpdateRequest, opts v1.UpdateOptions) (*v2.UpdateRequest, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(updaterequestsResource, "status", c.ns, updateRequest), &v2.UpdateRequest{})
if obj == nil {
return nil, err
}
return obj.(*v2.UpdateRequest), err
}
// Delete takes name of the updateRequest and deletes it. Returns an error if one occurs.
func (c *FakeUpdateRequests) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteActionWithOptions(updaterequestsResource, c.ns, name, opts), &v2.UpdateRequest{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeUpdateRequests) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(updaterequestsResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v2.UpdateRequestList{})
return err
}
// Patch applies the patch and returns the patched updateRequest.
func (c *FakeUpdateRequests) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v2.UpdateRequest, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(updaterequestsResource, c.ns, name, pt, data, subresources...), &v2.UpdateRequest{})
if obj == nil {
return nil, err
}
return obj.(*v2.UpdateRequest), err
}

2
pkg/client/clientset/versioned/typed/kyverno/v2/generated_expansion.go
View file

@ -31,3 +31,5 @@ type ClusterBackgroundScanReportExpansion interface{}
type ClusterCleanupPolicyExpansion interface{}
type PolicyExceptionExpansion interface{}
type UpdateRequestExpansion interface{}

5
pkg/client/clientset/versioned/typed/kyverno/v2/kyverno_client.go
View file

@ -35,6 +35,7 @@ type KyvernoV2Interface interface {
ClusterBackgroundScanReportsGetter
ClusterCleanupPoliciesGetter
PolicyExceptionsGetter
UpdateRequestsGetter
}
// KyvernoV2Client is used to interact with features provided by the kyverno.io group.
@ -70,6 +71,10 @@ func (c *KyvernoV2Client) PolicyExceptions(namespace string) PolicyExceptionInte
return newPolicyExceptions(c, namespace)
}
func (c *KyvernoV2Client) UpdateRequests(namespace string) UpdateRequestInterface {
return newUpdateRequests(c, namespace)
}
// NewForConfig creates a new KyvernoV2Client for the given config.
// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient),
// where httpClient was generated with rest.HTTPClientFor(c).

195
pkg/client/clientset/versioned/typed/kyverno/v2/updaterequest.go Normal file
View file

@ -0,0 +1,195 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package v2
import (
"context"
"time"
v2 "github.com/kyverno/kyverno/api/kyverno/v2"
scheme "github.com/kyverno/kyverno/pkg/client/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// UpdateRequestsGetter has a method to return a UpdateRequestInterface.
// A group's client should implement this interface.
type UpdateRequestsGetter interface {
UpdateRequests(namespace string) UpdateRequestInterface
}
// UpdateRequestInterface has methods to work with UpdateRequest resources.
type UpdateRequestInterface interface {
Create(ctx context.Context, updateRequest *v2.UpdateRequest, opts v1.CreateOptions) (*v2.UpdateRequest, error)
Update(ctx context.Context, updateRequest *v2.UpdateRequest, opts v1.UpdateOptions) (*v2.UpdateRequest, error)
UpdateStatus(ctx context.Context, updateRequest *v2.UpdateRequest, opts v1.UpdateOptions) (*v2.UpdateRequest, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v2.UpdateRequest, error)
List(ctx context.Context, opts v1.ListOptions) (*v2.UpdateRequestList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v2.UpdateRequest, err error)
UpdateRequestExpansion
}
// updateRequests implements UpdateRequestInterface
type updateRequests struct {
client rest.Interface
ns string
}
// newUpdateRequests returns a UpdateRequests
func newUpdateRequests(c *KyvernoV2Client, namespace string) *updateRequests {
return &updateRequests{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the updateRequest, and returns the corresponding updateRequest object, and an error if there is any.
func (c *updateRequests) Get(ctx context.Context, name string, options v1.GetOptions) (result *v2.UpdateRequest, err error) {
result = &v2.UpdateRequest{}
err = c.client.Get().
Namespace(c.ns).
Resource("updaterequests").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of UpdateRequests that match those selectors.
func (c *updateRequests) List(ctx context.Context, opts v1.ListOptions) (result *v2.UpdateRequestList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v2.UpdateRequestList{}
err = c.client.Get().
Namespace(c.ns).
Resource("updaterequests").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested updateRequests.
func (c *updateRequests) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("updaterequests").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a updateRequest and creates it. Returns the server's representation of the updateRequest, and an error, if there is any.
func (c *updateRequests) Create(ctx context.Context, updateRequest *v2.UpdateRequest, opts v1.CreateOptions) (result *v2.UpdateRequest, err error) {
result = &v2.UpdateRequest{}
err = c.client.Post().
Namespace(c.ns).
Resource("updaterequests").
VersionedParams(&opts, scheme.ParameterCodec).
Body(updateRequest).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a updateRequest and updates it. Returns the server's representation of the updateRequest, and an error, if there is any.
func (c *updateRequests) Update(ctx context.Context, updateRequest *v2.UpdateRequest, opts v1.UpdateOptions) (result *v2.UpdateRequest, err error) {
result = &v2.UpdateRequest{}
err = c.client.Put().
Namespace(c.ns).
Resource("updaterequests").
Name(updateRequest.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(updateRequest).
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *updateRequests) UpdateStatus(ctx context.Context, updateRequest *v2.UpdateRequest, opts v1.UpdateOptions) (result *v2.UpdateRequest, err error) {
result = &v2.UpdateRequest{}
err = c.client.Put().
Namespace(c.ns).
Resource("updaterequests").
Name(updateRequest.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(updateRequest).
Do(ctx).
Into(result)
return
}
// Delete takes name of the updateRequest and deletes it. Returns an error if one occurs.
func (c *updateRequests) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("updaterequests").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *updateRequests) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("updaterequests").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched updateRequest.
func (c *updateRequests) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v2.UpdateRequest, err error) {
result = &v2.UpdateRequest{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("updaterequests").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

2
pkg/client/informers/externalversions/generic.go
View file

@ -93,6 +93,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
return &genericInformer{resource: resource.GroupResource(), informer: f.Kyverno().V2().ClusterCleanupPolicies().Informer()}, nil
case v2.SchemeGroupVersion.WithResource("policyexceptions"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Kyverno().V2().PolicyExceptions().Informer()}, nil
case v2.SchemeGroupVersion.WithResource("updaterequests"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Kyverno().V2().UpdateRequests().Informer()}, nil
// Group=kyverno.io, Version=v2alpha1
case v2alpha1.SchemeGroupVersion.WithResource("cleanuppolicies"):

7
pkg/client/informers/externalversions/kyverno/v2/interface.go
View file

@ -38,6 +38,8 @@ type Interface interface {
ClusterCleanupPolicies() ClusterCleanupPolicyInformer
// PolicyExceptions returns a PolicyExceptionInformer.
PolicyExceptions() PolicyExceptionInformer
// UpdateRequests returns a UpdateRequestInformer.
UpdateRequests() UpdateRequestInformer
}
type version struct {
@ -85,3 +87,8 @@ func (v *version) ClusterCleanupPolicies() ClusterCleanupPolicyInformer {
func (v *version) PolicyExceptions() PolicyExceptionInformer {
return &policyExceptionInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
}
// UpdateRequests returns a UpdateRequestInformer.
func (v *version) UpdateRequests() UpdateRequestInformer {
return &updateRequestInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
}

90
pkg/client/informers/externalversions/kyverno/v2/updaterequest.go Normal file
View file

@ -0,0 +1,90 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by informer-gen. DO NOT EDIT.
package v2
import (
"context"
time "time"
kyvernov2 "github.com/kyverno/kyverno/api/kyverno/v2"
versioned "github.com/kyverno/kyverno/pkg/client/clientset/versioned"
internalinterfaces "github.com/kyverno/kyverno/pkg/client/informers/externalversions/internalinterfaces"
v2 "github.com/kyverno/kyverno/pkg/client/listers/kyverno/v2"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// UpdateRequestInformer provides access to a shared informer and lister for
// UpdateRequests.
type UpdateRequestInformer interface {
Informer() cache.SharedIndexInformer
Lister() v2.UpdateRequestLister
}
type updateRequestInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewUpdateRequestInformer constructs a new informer for UpdateRequest type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewUpdateRequestInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredUpdateRequestInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredUpdateRequestInformer constructs a new informer for UpdateRequest type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredUpdateRequestInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.KyvernoV2().UpdateRequests(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.KyvernoV2().UpdateRequests(namespace).Watch(context.TODO(), options)
},
},
&kyvernov2.UpdateRequest{},
resyncPeriod,
indexers,
)
}
func (f *updateRequestInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredUpdateRequestInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *updateRequestInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&kyvernov2.UpdateRequest{}, f.defaultInformer)
}
func (f *updateRequestInformer) Lister() v2.UpdateRequestLister {
return v2.NewUpdateRequestLister(f.Informer().GetIndexer())
}

8
pkg/client/listers/kyverno/v2/expansion_generated.go
View file

@ -61,3 +61,11 @@ type PolicyExceptionListerExpansion interface{}
// PolicyExceptionNamespaceListerExpansion allows custom methods to be added to
// PolicyExceptionNamespaceLister.
type PolicyExceptionNamespaceListerExpansion interface{}
// UpdateRequestListerExpansion allows custom methods to be added to
// UpdateRequestLister.
type UpdateRequestListerExpansion interface{}
// UpdateRequestNamespaceListerExpansion allows custom methods to be added to
// UpdateRequestNamespaceLister.
type UpdateRequestNamespaceListerExpansion interface{}

99
pkg/client/listers/kyverno/v2/updaterequest.go Normal file
View file

@ -0,0 +1,99 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by lister-gen. DO NOT EDIT.
package v2
import (
v2 "github.com/kyverno/kyverno/api/kyverno/v2"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// UpdateRequestLister helps list UpdateRequests.
// All objects returned here must be treated as read-only.
type UpdateRequestLister interface {
// List lists all UpdateRequests in the indexer.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v2.UpdateRequest, err error)
// UpdateRequests returns an object that can list and get UpdateRequests.
UpdateRequests(namespace string) UpdateRequestNamespaceLister
UpdateRequestListerExpansion
}
// updateRequestLister implements the UpdateRequestLister interface.
type updateRequestLister struct {
indexer cache.Indexer
}
// NewUpdateRequestLister returns a new UpdateRequestLister.
func NewUpdateRequestLister(indexer cache.Indexer) UpdateRequestLister {
return &updateRequestLister{indexer: indexer}
}
// List lists all UpdateRequests in the indexer.
func (s *updateRequestLister) List(selector labels.Selector) (ret []*v2.UpdateRequest, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v2.UpdateRequest))
})
return ret, err
}
// UpdateRequests returns an object that can list and get UpdateRequests.
func (s *updateRequestLister) UpdateRequests(namespace string) UpdateRequestNamespaceLister {
return updateRequestNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// UpdateRequestNamespaceLister helps list and get UpdateRequests.
// All objects returned here must be treated as read-only.
type UpdateRequestNamespaceLister interface {
// List lists all UpdateRequests in the indexer for a given namespace.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v2.UpdateRequest, err error)
// Get retrieves the UpdateRequest from the indexer for a given namespace and name.
// Objects returned here must be treated as read-only.
Get(name string) (*v2.UpdateRequest, error)
UpdateRequestNamespaceListerExpansion
}
// updateRequestNamespaceLister implements the UpdateRequestNamespaceLister
// interface.
type updateRequestNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all UpdateRequests in the indexer for a given namespace.
func (s updateRequestNamespaceLister) List(selector labels.Selector) (ret []*v2.UpdateRequest, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v2.UpdateRequest))
})
return ret, err
}
// Get retrieves the UpdateRequest from the indexer for a given namespace and name.
func (s updateRequestNamespaceLister) Get(name string) (*v2.UpdateRequest, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v2.Resource("updaterequest"), name)
}
return obj.(*v2.UpdateRequest), nil
}

11
pkg/clients/kyverno/kyvernov2/client.generated.go
View file

@ -10,6 +10,7 @@ import (
clusterbackgroundscanreports "github.com/kyverno/kyverno/pkg/clients/kyverno/kyvernov2/clusterbackgroundscanreports"
clustercleanuppolicies "github.com/kyverno/kyverno/pkg/clients/kyverno/kyvernov2/clustercleanuppolicies"
policyexceptions "github.com/kyverno/kyverno/pkg/clients/kyverno/kyvernov2/policyexceptions"
updaterequests "github.com/kyverno/kyverno/pkg/clients/kyverno/kyvernov2/updaterequests"
"github.com/kyverno/kyverno/pkg/metrics"
"k8s.io/client-go/rest"
)
@ -63,6 +64,10 @@ func (c *withMetrics) PolicyExceptions(namespace string) github_com_kyverno_kyve
recorder := metrics.NamespacedClientQueryRecorder(c.metrics, namespace, "PolicyException", c.clientType)
return policyexceptions.WithMetrics(c.inner.PolicyExceptions(namespace), recorder)
}
func (c *withMetrics) UpdateRequests(namespace string) github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2.UpdateRequestInterface {
recorder := metrics.NamespacedClientQueryRecorder(c.metrics, namespace, "UpdateRequest", c.clientType)
return updaterequests.WithMetrics(c.inner.UpdateRequests(namespace), recorder)
}
type withTracing struct {
inner github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2.KyvernoV2Interface
@ -93,6 +98,9 @@ func (c *withTracing) ClusterCleanupPolicies() github_com_kyverno_kyverno_pkg_cl
func (c *withTracing) PolicyExceptions(namespace string) github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2.PolicyExceptionInterface {
return policyexceptions.WithTracing(c.inner.PolicyExceptions(namespace), c.client, "PolicyException")
}
func (c *withTracing) UpdateRequests(namespace string) github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2.UpdateRequestInterface {
return updaterequests.WithTracing(c.inner.UpdateRequests(namespace), c.client, "UpdateRequest")
}
type withLogging struct {
inner github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2.KyvernoV2Interface
@ -123,3 +131,6 @@ func (c *withLogging) ClusterCleanupPolicies() github_com_kyverno_kyverno_pkg_cl
func (c *withLogging) PolicyExceptions(namespace string) github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2.PolicyExceptionInterface {
return policyexceptions.WithLogging(c.inner.PolicyExceptions(namespace), c.logger.WithValues("resource", "PolicyExceptions").WithValues("namespace", namespace))
}
func (c *withLogging) UpdateRequests(namespace string) github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2.UpdateRequestInterface {
return updaterequests.WithLogging(c.inner.UpdateRequests(namespace), c.logger.WithValues("resource", "UpdateRequests").WithValues("namespace", namespace))
}

373
pkg/clients/kyverno/kyvernov2/updaterequests/resource.generated.go Normal file
View file

@ -0,0 +1,373 @@
package resource
import (
context "context"
"fmt"
"time"
"github.com/go-logr/logr"
github_com_kyverno_kyverno_api_kyverno_v2 "github.com/kyverno/kyverno/api/kyverno/v2"
github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2 "github.com/kyverno/kyverno/pkg/client/clientset/versioned/typed/kyverno/v2"
"github.com/kyverno/kyverno/pkg/metrics"
"github.com/kyverno/kyverno/pkg/tracing"
"go.opentelemetry.io/otel/trace"
"go.uber.org/multierr"
k8s_io_apimachinery_pkg_apis_meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
k8s_io_apimachinery_pkg_types "k8s.io/apimachinery/pkg/types"
k8s_io_apimachinery_pkg_watch "k8s.io/apimachinery/pkg/watch"
)
func WithLogging(inner github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2.UpdateRequestInterface, logger logr.Logger) github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2.UpdateRequestInterface {
return &withLogging{inner, logger}
}
func WithMetrics(inner github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2.UpdateRequestInterface, recorder metrics.Recorder) github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2.UpdateRequestInterface {
return &withMetrics{inner, recorder}
}
func WithTracing(inner github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2.UpdateRequestInterface, client, kind string) github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2.UpdateRequestInterface {
return &withTracing{inner, client, kind}
}
type withLogging struct {
inner github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2.UpdateRequestInterface
logger logr.Logger
}
func (c *withLogging) Create(arg0 context.Context, arg1 *github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.CreateOptions) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, error) {
start := time.Now()
logger := c.logger.WithValues("operation", "Create")
ret0, ret1 := c.inner.Create(arg0, arg1, arg2)
if err := multierr.Combine(ret1); err != nil {
logger.Error(err, "Create failed", "duration", time.Since(start))
} else {
logger.Info("Create done", "duration", time.Since(start))
}
return ret0, ret1
}
func (c *withLogging) Delete(arg0 context.Context, arg1 string, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.DeleteOptions) error {
start := time.Now()
logger := c.logger.WithValues("operation", "Delete")
ret0 := c.inner.Delete(arg0, arg1, arg2)
if err := multierr.Combine(ret0); err != nil {
logger.Error(err, "Delete failed", "duration", time.Since(start))
} else {
logger.Info("Delete done", "duration", time.Since(start))
}
return ret0
}
func (c *withLogging) DeleteCollection(arg0 context.Context, arg1 k8s_io_apimachinery_pkg_apis_meta_v1.DeleteOptions, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.ListOptions) error {
start := time.Now()
logger := c.logger.WithValues("operation", "DeleteCollection")
ret0 := c.inner.DeleteCollection(arg0, arg1, arg2)
if err := multierr.Combine(ret0); err != nil {
logger.Error(err, "DeleteCollection failed", "duration", time.Since(start))
} else {
logger.Info("DeleteCollection done", "duration", time.Since(start))
}
return ret0
}
func (c *withLogging) Get(arg0 context.Context, arg1 string, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.GetOptions) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, error) {
start := time.Now()
logger := c.logger.WithValues("operation", "Get")
ret0, ret1 := c.inner.Get(arg0, arg1, arg2)
if err := multierr.Combine(ret1); err != nil {
logger.Error(err, "Get failed", "duration", time.Since(start))
} else {
logger.Info("Get done", "duration", time.Since(start))
}
return ret0, ret1
}
func (c *withLogging) List(arg0 context.Context, arg1 k8s_io_apimachinery_pkg_apis_meta_v1.ListOptions) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequestList, error) {
start := time.Now()
logger := c.logger.WithValues("operation", "List")
ret0, ret1 := c.inner.List(arg0, arg1)
if err := multierr.Combine(ret1); err != nil {
logger.Error(err, "List failed", "duration", time.Since(start))
} else {
logger.Info("List done", "duration", time.Since(start))
}
return ret0, ret1
}
func (c *withLogging) Patch(arg0 context.Context, arg1 string, arg2 k8s_io_apimachinery_pkg_types.PatchType, arg3 []uint8, arg4 k8s_io_apimachinery_pkg_apis_meta_v1.PatchOptions, arg5 ...string) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, error) {
start := time.Now()
logger := c.logger.WithValues("operation", "Patch")
ret0, ret1 := c.inner.Patch(arg0, arg1, arg2, arg3, arg4, arg5...)
if err := multierr.Combine(ret1); err != nil {
logger.Error(err, "Patch failed", "duration", time.Since(start))
} else {
logger.Info("Patch done", "duration", time.Since(start))
}
return ret0, ret1
}
func (c *withLogging) Update(arg0 context.Context, arg1 *github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.UpdateOptions) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, error) {
start := time.Now()
logger := c.logger.WithValues("operation", "Update")
ret0, ret1 := c.inner.Update(arg0, arg1, arg2)
if err := multierr.Combine(ret1); err != nil {
logger.Error(err, "Update failed", "duration", time.Since(start))
} else {
logger.Info("Update done", "duration", time.Since(start))
}
return ret0, ret1
}
func (c *withLogging) UpdateStatus(arg0 context.Context, arg1 *github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.UpdateOptions) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, error) {
start := time.Now()
logger := c.logger.WithValues("operation", "UpdateStatus")
ret0, ret1 := c.inner.UpdateStatus(arg0, arg1, arg2)
if err := multierr.Combine(ret1); err != nil {
logger.Error(err, "UpdateStatus failed", "duration", time.Since(start))
} else {
logger.Info("UpdateStatus done", "duration", time.Since(start))
}
return ret0, ret1
}
func (c *withLogging) Watch(arg0 context.Context, arg1 k8s_io_apimachinery_pkg_apis_meta_v1.ListOptions) (k8s_io_apimachinery_pkg_watch.Interface, error) {
start := time.Now()
logger := c.logger.WithValues("operation", "Watch")
ret0, ret1 := c.inner.Watch(arg0, arg1)
if err := multierr.Combine(ret1); err != nil {
logger.Error(err, "Watch failed", "duration", time.Since(start))
} else {
logger.Info("Watch done", "duration", time.Since(start))
}
return ret0, ret1
}
type withMetrics struct {
inner github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2.UpdateRequestInterface
recorder metrics.Recorder
}
func (c *withMetrics) Create(arg0 context.Context, arg1 *github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.CreateOptions) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, error) {
defer c.recorder.RecordWithContext(arg0, "create")
return c.inner.Create(arg0, arg1, arg2)
}
func (c *withMetrics) Delete(arg0 context.Context, arg1 string, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.DeleteOptions) error {
defer c.recorder.RecordWithContext(arg0, "delete")
return c.inner.Delete(arg0, arg1, arg2)
}
func (c *withMetrics) DeleteCollection(arg0 context.Context, arg1 k8s_io_apimachinery_pkg_apis_meta_v1.DeleteOptions, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.ListOptions) error {
defer c.recorder.RecordWithContext(arg0, "delete_collection")
return c.inner.DeleteCollection(arg0, arg1, arg2)
}
func (c *withMetrics) Get(arg0 context.Context, arg1 string, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.GetOptions) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, error) {
defer c.recorder.RecordWithContext(arg0, "get")
return c.inner.Get(arg0, arg1, arg2)
}
func (c *withMetrics) List(arg0 context.Context, arg1 k8s_io_apimachinery_pkg_apis_meta_v1.ListOptions) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequestList, error) {
defer c.recorder.RecordWithContext(arg0, "list")
return c.inner.List(arg0, arg1)
}
func (c *withMetrics) Patch(arg0 context.Context, arg1 string, arg2 k8s_io_apimachinery_pkg_types.PatchType, arg3 []uint8, arg4 k8s_io_apimachinery_pkg_apis_meta_v1.PatchOptions, arg5 ...string) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, error) {
defer c.recorder.RecordWithContext(arg0, "patch")
return c.inner.Patch(arg0, arg1, arg2, arg3, arg4, arg5...)
}
func (c *withMetrics) Update(arg0 context.Context, arg1 *github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.UpdateOptions) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, error) {
defer c.recorder.RecordWithContext(arg0, "update")
return c.inner.Update(arg0, arg1, arg2)
}
func (c *withMetrics) UpdateStatus(arg0 context.Context, arg1 *github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.UpdateOptions) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, error) {
defer c.recorder.RecordWithContext(arg0, "update_status")
return c.inner.UpdateStatus(arg0, arg1, arg2)
}
func (c *withMetrics) Watch(arg0 context.Context, arg1 k8s_io_apimachinery_pkg_apis_meta_v1.ListOptions) (k8s_io_apimachinery_pkg_watch.Interface, error) {
defer c.recorder.RecordWithContext(arg0, "watch")
return c.inner.Watch(arg0, arg1)
}
type withTracing struct {
inner github_com_kyverno_kyverno_pkg_client_clientset_versioned_typed_kyverno_v2.UpdateRequestInterface
client string
kind string
}
func (c *withTracing) Create(arg0 context.Context, arg1 *github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.CreateOptions) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, error) {
var span trace.Span
if tracing.IsInSpan(arg0) {
arg0, span = tracing.StartChildSpan(
arg0,
"",
fmt.Sprintf("KUBE %s/%s/%s", c.client, c.kind, "Create"),
trace.WithAttributes(
tracing.KubeClientGroupKey.String(c.client),
tracing.KubeClientKindKey.String(c.kind),
tracing.KubeClientOperationKey.String("Create"),
),
)
defer span.End()
}
ret0, ret1 := c.inner.Create(arg0, arg1, arg2)
if span != nil {
tracing.SetSpanStatus(span, ret1)
}
return ret0, ret1
}
func (c *withTracing) Delete(arg0 context.Context, arg1 string, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.DeleteOptions) error {
var span trace.Span
if tracing.IsInSpan(arg0) {
arg0, span = tracing.StartChildSpan(
arg0,
"",
fmt.Sprintf("KUBE %s/%s/%s", c.client, c.kind, "Delete"),
trace.WithAttributes(
tracing.KubeClientGroupKey.String(c.client),
tracing.KubeClientKindKey.String(c.kind),
tracing.KubeClientOperationKey.String("Delete"),
),
)
defer span.End()
}
ret0 := c.inner.Delete(arg0, arg1, arg2)
if span != nil {
tracing.SetSpanStatus(span, ret0)
}
return ret0
}
func (c *withTracing) DeleteCollection(arg0 context.Context, arg1 k8s_io_apimachinery_pkg_apis_meta_v1.DeleteOptions, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.ListOptions) error {
var span trace.Span
if tracing.IsInSpan(arg0) {
arg0, span = tracing.StartChildSpan(
arg0,
"",
fmt.Sprintf("KUBE %s/%s/%s", c.client, c.kind, "DeleteCollection"),
trace.WithAttributes(
tracing.KubeClientGroupKey.String(c.client),
tracing.KubeClientKindKey.String(c.kind),
tracing.KubeClientOperationKey.String("DeleteCollection"),
),
)
defer span.End()
}
ret0 := c.inner.DeleteCollection(arg0, arg1, arg2)
if span != nil {
tracing.SetSpanStatus(span, ret0)
}
return ret0
}
func (c *withTracing) Get(arg0 context.Context, arg1 string, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.GetOptions) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, error) {
var span trace.Span
if tracing.IsInSpan(arg0) {
arg0, span = tracing.StartChildSpan(
arg0,
"",
fmt.Sprintf("KUBE %s/%s/%s", c.client, c.kind, "Get"),
trace.WithAttributes(
tracing.KubeClientGroupKey.String(c.client),
tracing.KubeClientKindKey.String(c.kind),
tracing.KubeClientOperationKey.String("Get"),
),
)
defer span.End()
}
ret0, ret1 := c.inner.Get(arg0, arg1, arg2)
if span != nil {
tracing.SetSpanStatus(span, ret1)
}
return ret0, ret1
}
func (c *withTracing) List(arg0 context.Context, arg1 k8s_io_apimachinery_pkg_apis_meta_v1.ListOptions) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequestList, error) {
var span trace.Span
if tracing.IsInSpan(arg0) {
arg0, span = tracing.StartChildSpan(
arg0,
"",
fmt.Sprintf("KUBE %s/%s/%s", c.client, c.kind, "List"),
trace.WithAttributes(
tracing.KubeClientGroupKey.String(c.client),
tracing.KubeClientKindKey.String(c.kind),
tracing.KubeClientOperationKey.String("List"),
),
)
defer span.End()
}
ret0, ret1 := c.inner.List(arg0, arg1)
if span != nil {
tracing.SetSpanStatus(span, ret1)
}
return ret0, ret1
}
func (c *withTracing) Patch(arg0 context.Context, arg1 string, arg2 k8s_io_apimachinery_pkg_types.PatchType, arg3 []uint8, arg4 k8s_io_apimachinery_pkg_apis_meta_v1.PatchOptions, arg5 ...string) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, error) {
var span trace.Span
if tracing.IsInSpan(arg0) {
arg0, span = tracing.StartChildSpan(
arg0,
"",
fmt.Sprintf("KUBE %s/%s/%s", c.client, c.kind, "Patch"),
trace.WithAttributes(
tracing.KubeClientGroupKey.String(c.client),
tracing.KubeClientKindKey.String(c.kind),
tracing.KubeClientOperationKey.String("Patch"),
),
)
defer span.End()
}
ret0, ret1 := c.inner.Patch(arg0, arg1, arg2, arg3, arg4, arg5...)
if span != nil {
tracing.SetSpanStatus(span, ret1)
}
return ret0, ret1
}
func (c *withTracing) Update(arg0 context.Context, arg1 *github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.UpdateOptions) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, error) {
var span trace.Span
if tracing.IsInSpan(arg0) {
arg0, span = tracing.StartChildSpan(
arg0,
"",
fmt.Sprintf("KUBE %s/%s/%s", c.client, c.kind, "Update"),
trace.WithAttributes(
tracing.KubeClientGroupKey.String(c.client),
tracing.KubeClientKindKey.String(c.kind),
tracing.KubeClientOperationKey.String("Update"),
),
)
defer span.End()
}
ret0, ret1 := c.inner.Update(arg0, arg1, arg2)
if span != nil {
tracing.SetSpanStatus(span, ret1)
}
return ret0, ret1
}
func (c *withTracing) UpdateStatus(arg0 context.Context, arg1 *github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, arg2 k8s_io_apimachinery_pkg_apis_meta_v1.UpdateOptions) (*github_com_kyverno_kyverno_api_kyverno_v2.UpdateRequest, error) {
var span trace.Span
if tracing.IsInSpan(arg0) {
arg0, span = tracing.StartChildSpan(
arg0,
"",
fmt.Sprintf("KUBE %s/%s/%s", c.client, c.kind, "UpdateStatus"),
trace.WithAttributes(
tracing.KubeClientGroupKey.String(c.client),
tracing.KubeClientKindKey.String(c.kind),
tracing.KubeClientOperationKey.String("UpdateStatus"),
),
)
defer span.End()
}
ret0, ret1 := c.inner.UpdateStatus(arg0, arg1, arg2)
if span != nil {
tracing.SetSpanStatus(span, ret1)
}
return ret0, ret1
}
func (c *withTracing) Watch(arg0 context.Context, arg1 k8s_io_apimachinery_pkg_apis_meta_v1.ListOptions) (k8s_io_apimachinery_pkg_watch.Interface, error) {
var span trace.Span
if tracing.IsInSpan(arg0) {
arg0, span = tracing.StartChildSpan(
arg0,
"",
fmt.Sprintf("KUBE %s/%s/%s", c.client, c.kind, "Watch"),
trace.WithAttributes(
tracing.KubeClientGroupKey.String(c.client),
tracing.KubeClientKindKey.String(c.kind),
tracing.KubeClientOperationKey.String("Watch"),
),
)
defer span.End()
}
ret0, ret1 := c.inner.Watch(arg0, arg1)
if span != nil {
tracing.SetSpanStatus(span, ret1)
}
return ret0, ret1
}