mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-31 03:45:17 +00:00
Code Activity

fix: correct cli test duplicate check (#6630)

Browse source 
* fix: correct cli test dublicate check

Signed-off-by: bakito <github@bakito.ch>

* warn when resources are duplicated

Signed-off-by: bakito <github@bakito.ch>

---------

Signed-off-by: bakito <github@bakito.ch>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
This commit is contained in:
Marc Brugger 2023-03-22 19:12:34 +01:00 committed by GitHub
parent 49f0baa277
commit 68e4b9de12
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 41 additions and 35 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

76
cmd/cli/kubectl-kyverno/test/test_command.go
View file

@ -856,37 +856,7 @@ func applyPoliciesFromPath(fs billy.Filesystem, policyBytes []byte, isGit bool,
os.Exit(1) os.Exit(1)
} }
filteredResources := []*unstructured.Unstructured{} checkableResources := selectResourcesForCheck(resources, values)
for _, r := range resources {
for _, res := range values.Results {
for _, testr := range res.Resources {
if r.GetName() == testr {
filteredResources = append(filteredResources, r)
}
}
if r.GetName() == res.Resource {
filteredResources = append(filteredResources, r)
break
}
}
}
resources = filteredResources
noDuplicateResources := []*unstructured.Unstructured{}
for _, resource := range resources {
duplicate := false
for _, unique := range noDuplicateResources {
if resource.GetKind() == unique.GetKind() && resource.GetName() == unique.GetName() && resource.GetNamespace() == unique.GetNamespace() {
duplicate = true
fmt.Println("skipping duplicate resource, resource :", resource)
break
}
}
if !duplicate {
noDuplicateResources = append(noDuplicateResources, resource)
}
}
msgPolicies := "1 policy" msgPolicies := "1 policy"
if len(policies) > 1 { if len(policies) > 1 {
@ -894,11 +864,11 @@ func applyPoliciesFromPath(fs billy.Filesystem, policyBytes []byte, isGit bool,
} }
msgResources := "1 resource" msgResources := "1 resource"
if len(noDuplicateResources) > 1 { if len(checkableResources) > 1 {
msgResources = fmt.Sprintf("%d resources", len(noDuplicateResources)) msgResources = fmt.Sprintf("%d resources", len(checkableResources))
} }
if len(policies) > 0 && len(noDuplicateResources) > 0 { if len(policies) > 0 && len(checkableResources) > 0 {
fmt.Printf("\napplying %s to %s... \n", msgPolicies, msgResources) fmt.Printf("\napplying %s to %s... \n", msgPolicies, msgResources)
} }
@ -923,7 +893,7 @@ func applyPoliciesFromPath(fs billy.Filesystem, policyBytes []byte, isGit bool,
kindOnwhichPolicyIsApplied := common.GetKindsFromPolicy(policy, subresources, dClient) kindOnwhichPolicyIsApplied := common.GetKindsFromPolicy(policy, subresources, dClient)
for _, resource := range noDuplicateResources { for _, resource := range checkableResources {
thisPolicyResourceValues, err := common.CheckVariableForPolicy(valuesMap, globalValMap, policy.GetName(), resource.GetName(), resource.GetKind(), variables, kindOnwhichPolicyIsApplied, variable) thisPolicyResourceValues, err := common.CheckVariableForPolicy(valuesMap, globalValMap, policy.GetName(), resource.GetName(), resource.GetKind(), variables, kindOnwhichPolicyIsApplied, variable)
if err != nil { if err != nil {
return sanitizederror.NewWithError(fmt.Sprintf("policy `%s` have variables. pass the values for the variables for resource `%s` using set/values_file flag", policy.GetName(), resource.GetName()), err) return sanitizederror.NewWithError(fmt.Sprintf("policy `%s` have variables. pass the values for the variables for resource `%s` using set/values_file flag", policy.GetName(), resource.GetName()), err)
@ -958,6 +928,42 @@ func applyPoliciesFromPath(fs billy.Filesystem, policyBytes []byte, isGit bool,
return return
} }
func selectResourcesForCheck(resources []*unstructured.Unstructured, values *api.Test) []*unstructured.Unstructured {
uniqResources := make(map[string]*unstructured.Unstructured)
for i := range resources {
r := resources[i]
key := fmt.Sprintf("%s/%s/%s", r.GetKind(), r.GetName(), r.GetNamespace())
if _, ok := uniqResources[key]; ok {
fmt.Println("skipping duplicate resource, resource :", r)
} else {
uniqResources[key] = r
}
}
selectedResources := map[string]*unstructured.Unstructured{}
for key := range uniqResources {
r := uniqResources[key]
for _, res := range values.Results {
for _, testr := range res.Resources {
if r.GetName() == testr {
selectedResources[key] = r
}
}
if r.GetName() == res.Resource {
selectedResources[key] = r
}
}
}
var checkableResources []*unstructured.Unstructured
for key := range selectedResources {
checkableResources = append(checkableResources, selectedResources[key])
}
return checkableResources
}
func printTestResult(resps map[string]policyreportv1alpha2.PolicyReportResult, testResults []api.TestResults, rc *resultCounts, failOnly, removeColor bool) error { func printTestResult(resps map[string]policyreportv1alpha2.PolicyReportResult, testResults []api.TestResults, rc *resultCounts, failOnly, removeColor bool) error {
printer := newTablePrinter(removeColor) printer := newTablePrinter(removeColor)
table := []Table{} table := []Table{}