mirror of
https://github.com/kyverno/kyverno.git
synced 2024-12-14 11:57:48 +00:00
[Bug] Fix message and formatting of podSecurity validation failure with restrictedField (#9658)
* fix format Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> * fix test Signed-off-by: GitHub <noreply@github.com> --------- Signed-off-by: Suruchi Kumari <suruchikumarimfp4@gmail.com> Signed-off-by: GitHub <noreply@github.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
This commit is contained in:
parent
1c72599ff1
commit
704c6722ec
2 changed files with 3 additions and 3 deletions
|
@ -331,7 +331,7 @@ func GetRestrictedFields(check policy.Check) []pssutils.RestrictedField {
|
|||
func FormatChecksPrint(checks []pssutils.PSSCheckResult) string {
|
||||
var str string
|
||||
for _, check := range checks {
|
||||
str += fmt.Sprintf("\n(Forbidden reason: %s, field error list: [", check.CheckResult.ForbiddenReason)
|
||||
str += fmt.Sprintf("(Forbidden reason: %s, field error list: [", check.CheckResult.ForbiddenReason)
|
||||
for idx, err := range *check.CheckResult.ErrList {
|
||||
badValueExist := true
|
||||
switch err.BadValue.(type) {
|
||||
|
@ -345,7 +345,7 @@ func FormatChecksPrint(checks []pssutils.PSSCheckResult) string {
|
|||
switch err.Type {
|
||||
case field.ErrorTypeForbidden:
|
||||
if badValueExist {
|
||||
str += fmt.Sprintf("%s is forbidden, don't set the BadValue: %+v", err.Field, err.BadValue)
|
||||
str += fmt.Sprintf("%s is forbidden, forbidden values found: %+v", err.Field, err.BadValue)
|
||||
} else {
|
||||
str += err.Error()
|
||||
}
|
||||
|
|
|
@ -14,7 +14,7 @@ scope:
|
|||
results:
|
||||
- category: Pod Security
|
||||
message: "Validation rule 'restricted' failed. It violates PodSecurity \"restricted:latest\":
|
||||
\n(Forbidden reason: unrestricted capabilities, field error list: [spec.containers[0].securityContext.capabilities.drop:
|
||||
(Forbidden reason: unrestricted capabilities, field error list: [spec.containers[0].securityContext.capabilities.drop:
|
||||
Required value])"
|
||||
policy: podsecurity-subrule-restricted
|
||||
properties:
|
||||
|
|
Loading…
Reference in a new issue