From 801c7513cbef2a6689690316690fde2ab859591e Mon Sep 17 00:00:00 2001 From: Yuvraj Date: Tue, 24 Mar 2020 00:35:05 +0530 Subject: [PATCH] golanfci-lint changes Signed-off-by: Yuvraj --- cmd/initContainer/main.go | 15 ++- .../clientset/versioned/fake/register.go | 3 +- pkg/config/config.go | 2 +- pkg/engine/mutate/overlay.go | 2 +- pkg/engine/mutate/overlayCondition_test.go | 92 ++++++++++++------- pkg/engine/mutate/overlay_test.go | 66 ++++++++----- pkg/engine/mutation_test.go | 16 +++- pkg/engine/validate/validate.go | 2 + pkg/engine/validate/validate_test.go | 9 +- pkg/engine/validation_test.go | 64 ++++++++----- pkg/policy/apply.go | 6 +- pkg/testrunner/scenario.go | 6 +- pkg/tls/tls.go | 1 + pkg/userinfo/roleRef_test.go | 7 +- 14 files changed, 193 insertions(+), 98 deletions(-) diff --git a/cmd/initContainer/main.go b/cmd/initContainer/main.go index 9c5a9141ba..939471df65 100644 --- a/cmd/initContainer/main.go +++ b/cmd/initContainer/main.go @@ -91,9 +91,18 @@ func main() { func init() { // arguments flag.StringVar(&kubeconfig, "kubeconfig", "", "Path to a kubeconfig. Only required if out-of-cluster.") - flag.Set("logtostderr", "true") - flag.Set("stderrthreshold", "WARNING") - flag.Set("v", "2") + err := flag.Set("logtostderr", "true") + if err != nil { + glog.Errorf("failed to set flag", err) + } + err = flag.Set("stderrthreshold", "WARNING") + if err != nil { + glog.Errorf("failed to set flag", err) + } + err = flag.Set("v", "2") + if err != nil { + glog.Errorf("failed to set flag", err) + } flag.Parse() } diff --git a/pkg/client/clientset/versioned/fake/register.go b/pkg/client/clientset/versioned/fake/register.go index 4a90cf5ba8..482e66ffc7 100644 --- a/pkg/client/clientset/versioned/fake/register.go +++ b/pkg/client/clientset/versioned/fake/register.go @@ -29,7 +29,8 @@ import ( var scheme = runtime.NewScheme() var codecs = serializer.NewCodecFactory(scheme) -var parameterCodec = runtime.NewParameterCodec(scheme) + +// var parameterCodec = runtime.NewParameterCodec(scheme) var localSchemeBuilder = runtime.SchemeBuilder{ kyvernov1.AddToScheme, } diff --git a/pkg/config/config.go b/pkg/config/config.go index 241728a2c7..fc8bf5e07c 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -85,7 +85,7 @@ func LogDefaultFlags() { if err != nil { glog.Fatalf("failed to set flag 'stderrthreshold' to 'WARNING':%v", err) } - flag.Set("v", "2") + err = flag.Set("v", "2") if err != nil { glog.Fatalf("failed to set flag 'v' to '2':%v", err) } diff --git a/pkg/engine/mutate/overlay.go b/pkg/engine/mutate/overlay.go index 3b76f30c74..63b262f80d 100644 --- a/pkg/engine/mutate/overlay.go +++ b/pkg/engine/mutate/overlay.go @@ -409,7 +409,7 @@ func removeAnchorFromSubTree(overlay interface{}) interface{} { } func removeAnchroFromMap(overlay map[string]interface{}) map[string]interface{} { - result := make(map[string]interface{}, 0) + result := make(map[string]interface{}) for k, v := range overlay { result[getRawKeyIfWrappedWithAttributes(k)] = removeAnchorFromSubTree(v) } diff --git a/pkg/engine/mutate/overlayCondition_test.go b/pkg/engine/mutate/overlayCondition_test.go index b898acfbcd..94aeed329b 100644 --- a/pkg/engine/mutate/overlayCondition_test.go +++ b/pkg/engine/mutate/overlayCondition_test.go @@ -26,9 +26,10 @@ func TestMeetConditions_NoAnchor(t *testing.T) { }`) var overlay interface{} - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(overlayRaw, &overlay) + assert.Assert(t, reflect.DeepEqual(err, nil)) - _, err := meetConditions(nil, overlay) + _, err = meetConditions(nil, overlay) assert.Assert(t, reflect.DeepEqual(err, overlayError{})) } @@ -78,10 +79,12 @@ func TestMeetConditions_conditionalAnchorOnMap(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRaw, &resource) - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(resourceRaw, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) - _, err := meetConditions(resource, overlay) + _, err = meetConditions(resource, overlay) assert.Assert(t, !reflect.DeepEqual(err, overlayError{})) overlayRaw = []byte(` @@ -99,7 +102,8 @@ func TestMeetConditions_conditionalAnchorOnMap(t *testing.T) { ] }`) - json.Unmarshal(overlayRaw, &overlay) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) _, overlayerr := meetConditions(resource, overlay) assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{})) @@ -136,11 +140,13 @@ func TestMeetConditions_DifferentTypes(t *testing.T) { }`) var resource, overlay interface{} - json.Unmarshal(resourceRaw, &resource) - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(resourceRaw, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) // anchor exist - _, err := meetConditions(resource, overlay) + _, err = meetConditions(resource, overlay) assert.Assert(t, strings.Contains(err.Error(), "Found anchor on different types of element at path /subsets/")) } @@ -190,10 +196,12 @@ func TestMeetConditions_anchosInSameObject(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRaw, &resource) - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(resourceRaw, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) - _, err := meetConditions(resource, overlay) + _, err = meetConditions(resource, overlay) assert.Error(t, err, "[overlayError:0] Failed validating value 443 with overlay 444") } @@ -248,10 +256,11 @@ func TestMeetConditions_anchorOnPeer(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRaw, &resource) - json.Unmarshal(overlayRaw, &overlay) - - _, err := meetConditions(resource, overlay) + err := json.Unmarshal(resourceRaw, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) + _, err = meetConditions(resource, overlay) assert.Assert(t, reflect.DeepEqual(err, overlayError{})) } @@ -325,10 +334,12 @@ func TestMeetConditions_anchorsOnMetaAndSpec(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRaw, &resource) - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(resourceRaw, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) - _, err := meetConditions(resource, overlay) + _, err = meetConditions(resource, overlay) assert.Assert(t, reflect.DeepEqual(err, overlayError{})) } @@ -406,10 +417,12 @@ func TestMeetConditions_anchorsOnPeer_single(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRawAnchorOnPeers, &resource) - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(resourceRawAnchorOnPeers, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) - _, err := meetConditions(resource, overlay) + _, err = meetConditions(resource, overlay) assert.Assert(t, reflect.DeepEqual(err, overlayError{})) } @@ -440,10 +453,12 @@ func TestMeetConditions_anchorsOnPeer_two(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRawAnchorOnPeers, &resource) - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(resourceRawAnchorOnPeers, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) - _, err := meetConditions(resource, overlay) + _, err = meetConditions(resource, overlay) assert.Error(t, err, "[overlayError:0] Failed validating value true with overlay false") overlayRaw = []byte(`{ @@ -470,7 +485,8 @@ func TestMeetConditions_anchorsOnPeer_two(t *testing.T) { } }`) - json.Unmarshal(overlayRaw, &overlay) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) _, err = meetConditions(resource, overlay) assert.Assert(t, reflect.DeepEqual(err, overlayError{})) @@ -499,7 +515,8 @@ func TestMeetConditions_anchorsOnPeer_two(t *testing.T) { } }`) - json.Unmarshal(overlayRaw, &overlay) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) _, err = meetConditions(resource, overlay) assert.Assert(t, reflect.DeepEqual(err, overlayError{})) @@ -532,10 +549,12 @@ func TestMeetConditions_anchorsOnPeer_multiple(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRawAnchorOnPeers, &resource) - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(resourceRawAnchorOnPeers, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) - _, err := meetConditions(resource, overlay) + _, err = meetConditions(resource, overlay) assert.Assert(t, reflect.DeepEqual(err, overlayError{})) overlayRaw = []byte(`{ @@ -562,7 +581,8 @@ func TestMeetConditions_anchorsOnPeer_multiple(t *testing.T) { } }`) - json.Unmarshal(overlayRaw, &overlay) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) _, err = meetConditions(resource, overlay) assert.Assert(t, reflect.DeepEqual(err, overlayError{})) @@ -591,7 +611,8 @@ func TestMeetConditions_anchorsOnPeer_multiple(t *testing.T) { } }`) - json.Unmarshal(overlayRaw, &overlay) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) _, err = meetConditions(resource, overlay) assert.Error(t, err, "[overlayError:0] Failed validating value ENV_VALUE with overlay ENV_VALUE1") @@ -649,9 +670,10 @@ func TestMeetConditions_AtleastOneExist(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRaw, &resource) - json.Unmarshal(overlayRaw, &overlay) - + err := json.Unmarshal(resourceRaw, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) path, err := meetConditions(resource, overlay) assert.Assert(t, reflect.DeepEqual(err, overlayError{})) assert.Assert(t, len(path) == 0) diff --git a/pkg/engine/mutate/overlay_test.go b/pkg/engine/mutate/overlay_test.go index 8c062fe58d..4050c7e950 100644 --- a/pkg/engine/mutate/overlay_test.go +++ b/pkg/engine/mutate/overlay_test.go @@ -63,8 +63,10 @@ func TestProcessOverlayPatches_NestedListWithAnchor(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRaw, &resource) - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(resourceRaw, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) patches, overlayerr := processOverlayPatches(resource, overlay) assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{})) @@ -163,8 +165,10 @@ func TestProcessOverlayPatches_InsertIntoArray(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRaw, &resource) - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(resourceRaw, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) patches, overlayerr := processOverlayPatches(resource, overlay) assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{})) @@ -284,8 +288,10 @@ func TestProcessOverlayPatches_TestInsertToArray(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRaw, &resource) - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(resourceRaw, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) patches, overlayerr := processOverlayPatches(resource, overlay) assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{})) @@ -367,8 +373,10 @@ func TestProcessOverlayPatches_ImagePullPolicy(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRaw, &resource) - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(resourceRaw, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) patches, overlayerr := processOverlayPatches(resource, overlay) assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{})) @@ -456,7 +464,8 @@ func TestProcessOverlayPatches_ImagePullPolicy(t *testing.T) { } }`) - json.Unmarshal(overlayRaw, &overlay) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) patches, err = processOverlayPatches(resource, overlay) assert.Assert(t, reflect.DeepEqual(err, overlayError{})) @@ -492,7 +501,8 @@ func TestProcessOverlayPatches_ImagePullPolicy(t *testing.T) { } }`) - json.Unmarshal(overlayRaw, &overlay) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) patches, err = processOverlayPatches(resource, overlay) assert.Error(t, err, "[overlayError:0] Policy not applied, conditions are not met at /spec/template/metadata/labels/app/, [overlayError:0] Failed validating value nginx with overlay nginx1") @@ -520,8 +530,10 @@ func TestProcessOverlayPatches_AddingAnchor(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRaw, &resource) - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(resourceRaw, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) patches, overlayerr := processOverlayPatches(resource, overlay) assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{})) @@ -605,8 +617,10 @@ func TestProcessOverlayPatches_AddingAnchorInsideListElement(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRaw, &resource) - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(resourceRaw, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) patches, overlayerr := processOverlayPatches(resource, overlay) assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{})) @@ -684,7 +698,8 @@ func TestProcessOverlayPatches_AddingAnchorInsideListElement(t *testing.T) { } }`) - json.Unmarshal(overlayRaw, &overlay) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) patches, err = processOverlayPatches(resource, overlay) assert.Assert(t, reflect.DeepEqual(err, overlayError{})) @@ -747,8 +762,10 @@ func TestProcessOverlayPatches_anchorOnPeer(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRaw, &resource) - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(resourceRaw, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) patches, overlayerr := processOverlayPatches(resource, overlay) assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{})) @@ -805,7 +822,8 @@ func TestProcessOverlayPatches_anchorOnPeer(t *testing.T) { ] }`) - json.Unmarshal(overlayRaw, &overlay) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) patches, err = processOverlayPatches(resource, overlay) assert.Error(t, err, "[overlayError:0] Policy not applied, conditions are not met at /subsets/0/ports/0/port/, [overlayError:0] Failed validating value 443 with overlay 444") @@ -886,8 +904,10 @@ func TestProcessOverlayPatches_insertWithCondition(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRaw, &resource) - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(resourceRaw, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) patches, overlayerr := processOverlayPatches(resource, overlay) assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{})) @@ -997,8 +1017,10 @@ func TestProcessOverlayPatches_InsertIfNotPresentWithConditions(t *testing.T) { var resource, overlay interface{} - json.Unmarshal(resourceRaw, &resource) - json.Unmarshal(overlayRaw, &overlay) + err := json.Unmarshal(resourceRaw, &resource) + assert.NilError(t, err) + err = json.Unmarshal(overlayRaw, &overlay) + assert.NilError(t, err) patches, overlayerr := processOverlayPatches(resource, overlay) assert.Assert(t, reflect.DeepEqual(overlayerr, overlayError{})) diff --git a/pkg/engine/mutation_test.go b/pkg/engine/mutation_test.go index 278d9672f2..07f345e265 100644 --- a/pkg/engine/mutation_test.go +++ b/pkg/engine/mutation_test.go @@ -67,11 +67,17 @@ func Test_VariableSubstitutionOverlay(t *testing.T) { expectedPatch := []byte(`{ "op": "add", "path": "/metadata/labels", "value":{"appname":"check-root-user"} }`) var policy kyverno.ClusterPolicy - json.Unmarshal(rawPolicy, &policy) + err := json.Unmarshal(rawPolicy, &policy) + if err != nil { + t.Error(err) + } resourceUnstructured, err := utils.ConvertToUnstructured(rawResource) assert.NilError(t, err) ctx := context.NewContext() - ctx.AddResource(rawResource) + err = ctx.AddResource(rawResource) + if err != nil { + t.Error(err) + } value, err := ctx.Query("request.object.metadata.name") t.Log(value) if err != nil { @@ -139,12 +145,14 @@ func Test_variableSubstitutionPathNotExist(t *testing.T) { }`) var policy kyverno.ClusterPolicy - json.Unmarshal(policyraw, &policy) + err := json.Unmarshal(policyraw, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(resourceRaw) assert.NilError(t, err) ctx := context.NewContext() - ctx.AddResource(resourceRaw) + err = ctx.AddResource(resourceRaw) + assert.NilError(t, err) policyContext := PolicyContext{ Policy: policy, diff --git a/pkg/engine/validate/validate.go b/pkg/engine/validate/validate.go index 9d94f07789..387c4fc37e 100644 --- a/pkg/engine/validate/validate.go +++ b/pkg/engine/validate/validate.go @@ -227,8 +227,10 @@ func getValueFromPattern(patternMap map[string]interface{}, keys []string, curre if keys[currentKeyIndex+1] == strconv.Itoa(i) { return getValueFromPattern(resourceMap, keys, currentKeyIndex+2) } + // TODO : SA4004: the surrounding loop is unconditionally terminated (staticcheck) return nil, errors.New("Reference to non-existent place in the document") } + return nil, nil // Just a hack to fix the lint } return nil, errors.New("Reference to non-existent place in the document") case map[string]interface{}: diff --git a/pkg/engine/validate/validate_test.go b/pkg/engine/validate/validate_test.go index acabd87ac1..3467bacb83 100644 --- a/pkg/engine/validate/validate_test.go +++ b/pkg/engine/validate/validate_test.go @@ -557,7 +557,8 @@ func TestValidateMap_livenessProbeIsNull(t *testing.T) { var pattern, resource map[string]interface{} assert.Assert(t, json.Unmarshal(rawPattern, &pattern)) - json.Unmarshal(rawMap, &resource) + err := json.Unmarshal(rawMap, &resource) + assert.NilError(t, err) path, err := validateMap(resource, pattern, pattern, "/") assert.Equal(t, path, "") @@ -1344,8 +1345,10 @@ func TestValidateMapElement_OneElementInArrayNotPass(t *testing.T) { ]`) var pattern, resource interface{} - json.Unmarshal(rawPattern, &pattern) - json.Unmarshal(rawMap, &resource) + err := json.Unmarshal(rawPattern, &pattern) + assert.NilError(t, err) + err = json.Unmarshal(rawMap, &resource) + assert.NilError(t, err) path, err := validateResourceElement(resource, pattern, pattern, "/") assert.Equal(t, path, "/0/object/0/key2/") diff --git a/pkg/engine/validation_test.go b/pkg/engine/validation_test.go index 2792723d09..b44fd30ba9 100644 --- a/pkg/engine/validation_test.go +++ b/pkg/engine/validation_test.go @@ -23,7 +23,8 @@ func TestGetAnchorsFromMap_ThereAreAnchors(t *testing.T) { }`) var unmarshalled map[string]interface{} - json.Unmarshal(rawMap, &unmarshalled) + err := json.Unmarshal(rawMap, &unmarshalled) + assert.NilError(t, err) actualMap := utils.GetAnchorsFromMap(unmarshalled) assert.Equal(t, len(actualMap), 2) @@ -114,7 +115,8 @@ func TestValidate_image_tag_fail(t *testing.T) { `) var policy kyverno.ClusterPolicy - json.Unmarshal(rawPolicy, &policy) + err := json.Unmarshal(rawPolicy, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(rawResource) assert.NilError(t, err) @@ -212,7 +214,8 @@ func TestValidate_image_tag_pass(t *testing.T) { `) var policy kyverno.ClusterPolicy - json.Unmarshal(rawPolicy, &policy) + err := json.Unmarshal(rawPolicy, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(rawResource) assert.NilError(t, err) @@ -289,7 +292,8 @@ func TestValidate_Fail_anyPattern(t *testing.T) { `) var policy kyverno.ClusterPolicy - json.Unmarshal(rawPolicy, &policy) + err := json.Unmarshal(rawPolicy, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(rawResource) assert.NilError(t, err) @@ -370,7 +374,8 @@ func TestValidate_host_network_port(t *testing.T) { `) var policy kyverno.ClusterPolicy - json.Unmarshal(rawPolicy, &policy) + err := json.Unmarshal(rawPolicy, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(rawResource) assert.NilError(t, err) @@ -459,7 +464,8 @@ func TestValidate_anchor_arraymap_pass(t *testing.T) { } `) var policy kyverno.ClusterPolicy - json.Unmarshal(rawPolicy, &policy) + err := json.Unmarshal(rawPolicy, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(rawResource) assert.NilError(t, err) @@ -547,8 +553,8 @@ func TestValidate_anchor_arraymap_fail(t *testing.T) { } `) var policy kyverno.ClusterPolicy - json.Unmarshal(rawPolicy, &policy) - + err := json.Unmarshal(rawPolicy, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(rawResource) assert.NilError(t, err) er := Validate(PolicyContext{Policy: policy, NewResource: *resourceUnstructured}) @@ -616,7 +622,8 @@ func TestValidate_anchor_map_notfound(t *testing.T) { `) var policy kyverno.ClusterPolicy - json.Unmarshal(rawPolicy, &policy) + err := json.Unmarshal(rawPolicy, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(rawResource) assert.NilError(t, err) @@ -688,7 +695,8 @@ func TestValidate_anchor_map_found_valid(t *testing.T) { `) var policy kyverno.ClusterPolicy - json.Unmarshal(rawPolicy, &policy) + err := json.Unmarshal(rawPolicy, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(rawResource) assert.NilError(t, err) @@ -760,7 +768,8 @@ func TestValidate_anchor_map_found_invalid(t *testing.T) { `) var policy kyverno.ClusterPolicy - json.Unmarshal(rawPolicy, &policy) + err := json.Unmarshal(rawPolicy, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(rawResource) assert.NilError(t, err) @@ -834,7 +843,8 @@ func TestValidate_AnchorList_pass(t *testing.T) { `) var policy kyverno.ClusterPolicy - json.Unmarshal(rawPolicy, &policy) + err := json.Unmarshal(rawPolicy, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(rawResource) assert.NilError(t, err) @@ -908,7 +918,8 @@ func TestValidate_AnchorList_fail(t *testing.T) { `) var policy kyverno.ClusterPolicy - json.Unmarshal(rawPolicy, &policy) + err := json.Unmarshal(rawPolicy, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(rawResource) assert.NilError(t, err) @@ -982,7 +993,8 @@ func TestValidate_existenceAnchor_fail(t *testing.T) { `) var policy kyverno.ClusterPolicy - json.Unmarshal(rawPolicy, &policy) + err := json.Unmarshal(rawPolicy, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(rawResource) assert.NilError(t, err) @@ -1057,7 +1069,8 @@ func TestValidate_existenceAnchor_pass(t *testing.T) { `) var policy kyverno.ClusterPolicy - json.Unmarshal(rawPolicy, &policy) + err := json.Unmarshal(rawPolicy, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(rawResource) assert.NilError(t, err) @@ -1144,7 +1157,8 @@ func TestValidate_negationAnchor_deny(t *testing.T) { } `) var policy kyverno.ClusterPolicy - json.Unmarshal(rawPolicy, &policy) + err := json.Unmarshal(rawPolicy, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(rawResource) assert.NilError(t, err) @@ -1230,7 +1244,8 @@ func TestValidate_negationAnchor_pass(t *testing.T) { `) var policy kyverno.ClusterPolicy - json.Unmarshal(rawPolicy, &policy) + err := json.Unmarshal(rawPolicy, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(rawResource) assert.NilError(t, err) @@ -1297,12 +1312,14 @@ func Test_VariableSubstitutionPathNotExistInPattern(t *testing.T) { }`) var policy kyverno.ClusterPolicy - json.Unmarshal(policyraw, &policy) + err := json.Unmarshal(policyraw, &policy) + assert.NilError(t, err) resourceUnstructured, err := utils.ConvertToUnstructured(resourceRaw) assert.NilError(t, err) ctx := context.NewContext() - ctx.AddResource(resourceRaw) + err = ctx.AddResource(resourceRaw) + assert.NilError(t, err) policyContext := PolicyContext{ Policy: policy, @@ -1392,7 +1409,8 @@ func Test_VariableSubstitutionPathNotExistInAnyPattern_OnePatternStatisfies(t *t assert.NilError(t, err) ctx := context.NewContext() - ctx.AddResource(resourceRaw) + err = ctx.AddResource(resourceRaw) + assert.NilError(t, err) policyContext := PolicyContext{ Policy: policy, @@ -1482,7 +1500,8 @@ func Test_VariableSubstitutionPathNotExistInAnyPattern_AllPathNotPresent(t *test assert.NilError(t, err) ctx := context.NewContext() - ctx.AddResource(resourceRaw) + err = ctx.AddResource(resourceRaw) + assert.NilError(t, err) policyContext := PolicyContext{ Policy: policy, @@ -1572,7 +1591,8 @@ func Test_VariableSubstitutionPathNotExistInAnyPattern_AllPathPresent_NonePatter assert.NilError(t, err) ctx := context.NewContext() - ctx.AddResource(resourceRaw) + err = ctx.AddResource(resourceRaw) + assert.NilError(t, err) policyContext := PolicyContext{ Policy: policy, diff --git a/pkg/policy/apply.go b/pkg/policy/apply.go index 32d654346c..fae7c4045d 100644 --- a/pkg/policy/apply.go +++ b/pkg/policy/apply.go @@ -32,8 +32,10 @@ func applyPolicy(policy kyverno.ClusterPolicy, resource unstructured.Unstructure var err error // build context ctx := context.NewContext() - ctx.AddResource(transformResource(resource)) - + err = ctx.AddResource(transformResource(resource)) + if err != nil { + glog.Errorf("enable to add transform resource to ctx: %v", err) + } //MUTATION engineResponse, err = mutation(policy, resource, ctx) engineResponses = append(engineResponses, engineResponse) diff --git a/pkg/testrunner/scenario.go b/pkg/testrunner/scenario.go index 39eaeb7257..b0d3430072 100644 --- a/pkg/testrunner/scenario.go +++ b/pkg/testrunner/scenario.go @@ -427,7 +427,11 @@ func loadPolicy(t *testing.T, path string) *kyverno.ClusterPolicy { } func testScenario(t *testing.T, path string) { - flag.Set("logtostderr", "true") + err := flag.Set("logtostderr", "true") + if err != nil { + t.Error(err) + return + } // flag.Set("v", "8") scenario, err := loadScenario(t, path) diff --git a/pkg/tls/tls.go b/pkg/tls/tls.go index c91c9b922c..4acc08272d 100644 --- a/pkg/tls/tls.go +++ b/pkg/tls/tls.go @@ -142,5 +142,6 @@ func IsTLSPairShouldBeUpdated(tlsPair *TlsPemPair) bool { return true } + // TODO : should use time.Until instead of t.Sub(time.Now()) (gosimple) return expirationDate.Sub(time.Now()) < timeReserveBeforeCertificateExpiration } diff --git a/pkg/userinfo/roleRef_test.go b/pkg/userinfo/roleRef_test.go index 3929c38577..19899ee709 100644 --- a/pkg/userinfo/roleRef_test.go +++ b/pkg/userinfo/roleRef_test.go @@ -154,9 +154,10 @@ func newRoleBinding(name, ns string, subjects []rbacv1.Subject, roles rbacv1.Rol func Test_getRoleRefByRoleBindings(t *testing.T) { flag.Parse() - flag.Set("logtostderr", "true") - flag.Set("v", "3") - + err := flag.Set("logtostderr", "true") + assert.Assert(t, err == nil) + err = flag.Set("v", "3") + assert.Assert(t, err == nil) list := make([]*rbacv1.RoleBinding, 2) list[0] = newRoleBinding("test1", "mynamespace",