diff --git a/Makefile b/Makefile index 4f312c7a8e..c4d7c15358 100644 --- a/Makefile +++ b/Makefile @@ -92,7 +92,8 @@ CLI_PATH := cmd/cli/kubectl-kyverno KYVERNO_CLI_IMAGE := kyverno-cli cli: - GOOS=$(GOOS) go build -o $(PWD)/$(CLI_PATH)/kyverno -ldflags=$(LD_FLAGS) $(PWD)/$(CLI_PATH)/main.go + go build -o $(PWD)/$(CLI_PATH)/kyverno -ldflags=$(LD_FLAGS) $(PWD)/$(CLI_PATH)/main.go +# GOOS=$(GOOS) go build -o $(PWD)/$(CLI_PATH)/kyverno -ldflags=$(LD_FLAGS) $(PWD)/$(CLI_PATH)/main.go docker-publish-cli: docker-build-cli docker-tag-repo-cli docker-push-cli diff --git a/go.sum b/go.sum index d64f1044f7..71a25f597c 100644 --- a/go.sum +++ b/go.sum @@ -88,6 +88,7 @@ github.com/beevik/ntp v0.2.0/go.mod h1:hIHWr+l3+/clUnF44zdK+CWW7fO8dR5cIylAQ76NR github.com/benlaurie/objecthash v0.0.0-20180202135721-d1e3d6079fc1/go.mod h1:jvdWlw8vowVGnZqSDC7yhPd7AifQeQbRDkZcQXV2nRg= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= +github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= @@ -341,6 +342,7 @@ github.com/google/gofuzz v0.0.0-20161122191042-44d81051d367/go.mod h1:HP5RmnzzSN github.com/google/gofuzz v0.0.0-20170612174753-24818f796faf/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI= github.com/google/gofuzz v1.0.0 h1:A8PeW59pxE9IoFRqBp37U+mSNaQoZ46F1f0f863XSXw= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= @@ -612,6 +614,7 @@ github.com/prometheus/client_golang v0.9.2/go.mod h1:OsXs2jCmiKlQ1lTBmv21f2mNfw4 github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs= github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= +github.com/prometheus/client_golang v1.1.0 h1:BQ53HtBmfOitExawJ6LokA4x8ov/z0SYYb0+HxJfRI8= github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= github.com/prometheus/client_golang v1.3.0/go.mod h1:hJaj2vgQTGQmVCsAACORcieXFeDPbaTKGT+JTgUa3og= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= @@ -619,6 +622,7 @@ github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f/go.mod h1: github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.1.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M= github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= github.com/prometheus/common v0.0.0-20181126121408-4724e9255275/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= @@ -626,6 +630,7 @@ github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y8 github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= +github.com/prometheus/common v0.7.0 h1:L+1lyG48J1zAQXA3RBX/nG/B3gjlHq0zTt2tlbJLyCY= github.com/prometheus/common v0.7.0/go.mod h1:DjGbpBbp5NYNiECxcL/VnbXCCaQpKd3tt26CguLLsqA= github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8bs7vj7HSQ4= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= @@ -634,6 +639,7 @@ github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= +github.com/prometheus/procfs v0.0.5 h1:3+auTFlqw+ZaQYJARz6ArODtkaIwtvBTx3N2NehQlL8= github.com/prometheus/procfs v0.0.5/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= @@ -992,6 +998,7 @@ google.golang.org/grpc v1.22.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyac google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.24.0/go.mod h1:XDChyiUovWa60DnaeDeZmSW86xtLtjtZbwvSiRnRtcA= +google.golang.org/grpc v1.26.0 h1:2dTRdpdFEEhJYQD8EMLB61nnrzSCTbG38PhqdhvOltg= google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d/go.mod h1:cuepJuh7vyXfUyUwEgHQXw849cJrilpS5NeIjOWESAw= @@ -1114,6 +1121,7 @@ k8s.io/utils v0.0.0-20190221042446-c2654d5206da/go.mod h1:8k8uAuAQ0rXslZKaEWd0c3 k8s.io/utils v0.0.0-20190801114015-581e00157fb1/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= k8s.io/utils v0.0.0-20191114184206-e782cd3c129f h1:GiPwtSzdP43eI1hpPCbROQCCIgCuiMMNF8YUVLF3vJo= k8s.io/utils v0.0.0-20191114184206-e782cd3c129f/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= +k8s.io/utils v0.0.0-20200324210504-a9aa75ae1b89 h1:d4vVOjXm687F1iLSP2q3lyPPuyvTUt3aVoBpi2DqRsU= k8s.io/utils v0.0.0-20200324210504-a9aa75ae1b89/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= mvdan.cc/interfacer v0.0.0-20180901003855-c20040233aed/go.mod h1:Xkxe497xwlCKkIaQYRfC7CSLworTXY9RMqwhhCm+8Nc= mvdan.cc/lint v0.0.0-20170908181259-adc824a0674b/go.mod h1:2odslEg/xrtNQqCYg2/jCoyKnw3vv5biOc3JnIcYfL4= @@ -1137,6 +1145,7 @@ sigs.k8s.io/structured-merge-diff v1.0.1-0.20191108220359-b1b620dd3f06/go.mod h1 sigs.k8s.io/structured-merge-diff v1.0.1 h1:LOs1LZWMsz1xs77Phr/pkB4LFaavH7IVq/3+WTN9XTA= sigs.k8s.io/structured-merge-diff v1.0.1/go.mod h1:IIgPezJWb76P0hotTxzDbWsMYB8APh18qZnxkomBpxA= sigs.k8s.io/structured-merge-diff/v3 v3.0.0-20200116222232-67a7b8c61874/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw= +sigs.k8s.io/structured-merge-diff/v3 v3.0.0 h1:dOmIZBMfhcHS09XZkMyUgkq5trg3/jRyJYFZUiaOp8E= sigs.k8s.io/structured-merge-diff/v3 v3.0.0/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= diff --git a/pkg/kyverno/apply/command.go b/pkg/kyverno/apply/command.go index 0cba8c7b4c..c4aadcbd6f 100644 --- a/pkg/kyverno/apply/command.go +++ b/pkg/kyverno/apply/command.go @@ -39,8 +39,8 @@ type resultCounts struct { func Command() *cobra.Command { var cmd *cobra.Command var resourcePaths []string - var cluster bool - var mutateLogPath, variablesString, valuesFile string + var cluster, policy_report bool + var mutateLogPath, variablesString, valuesFile, scope string variables := make(map[string]string) type Resource struct { @@ -75,10 +75,25 @@ func Command() *cobra.Command { } }() + fmt.Println("+++++++++++++++++++++++++++ 1") + + // base validations if valuesFile != "" && variablesString != "" { return sanitizedError.NewWithError("pass the values either using set flag or values_file flag", err) } + fmt.Println("+++++++++++++++++++++++++++ 2") + // get the variables from (-s) param + if variablesString != "" { + kvpairs := strings.Split(strings.Trim(variablesString, " "), ",") + for _, kvpair := range kvpairs { + kvs := strings.Split(strings.Trim(kvpair, " "), "=") + variables[strings.Trim(kvs[0], " ")] = strings.Trim(kvs[1], " ") + } + } + + fmt.Println("+++++++++++++++++++++++++++ 3") + // get the variable values from valuesFile (-f) if valuesFile != "" { yamlFile, err := ioutil.ReadFile(valuesFile) if err != nil { @@ -104,14 +119,39 @@ func Command() *cobra.Command { } } - if variablesString != "" { - kvpairs := strings.Split(strings.Trim(variablesString, " "), ",") - for _, kvpair := range kvpairs { - kvs := strings.Split(strings.Trim(kvpair, " "), "=") - variables[strings.Trim(kvs[0], " ")] = strings.Trim(kvs[1], " ") + fmt.Println("+++++++++++++++++++++++++++ 4") + + openAPIController, err := openapi.NewOpenAPIController() + if err != nil { + return sanitizedError.NewWithError("failed to initialize openAPIController", err) + } + + var dClient *client.Client + if cluster { + restConfig, err := kubernetesConfig.ToRESTConfig() + if err != nil { + return err + } + dClient, err = client.NewClient(restConfig, 5*time.Minute, make(chan struct{}), log.Log) + if err != nil { + return err } } + fmt.Println("+++++++++++++++++++++++++++ 5") + + policies, err := common.ValidateAndGetPolicies(policyPaths, cluster, dClient) + if err != nil { + if !sanitizedError.IsErrorSanitized(err) { + return sanitizedError.NewWithError("failed to mutate policies.", err) + } + return err + } + + fmt.Println("+++++++++++++++++++++++++++ 6") + + + if len(resourcePaths) == 0 && !cluster { return sanitizedError.NewWithError(fmt.Sprintf("resource file(s) or cluster required"), err) } @@ -135,30 +175,8 @@ func Command() *cobra.Command { } } - policies, err := common.GetPoliciesValidation(policyPaths) - if err != nil { - if !sanitizedError.IsErrorSanitized(err) { - return sanitizedError.NewWithError("failed to mutate policies.", err) - } - return err - } - openAPIController, err := openapi.NewOpenAPIController() - if err != nil { - return sanitizedError.NewWithError("failed to initialize openAPIController", err) - } - var dClient *client.Client - if cluster { - restConfig, err := kubernetesConfig.ToRESTConfig() - if err != nil { - return err - } - dClient, err = client.NewClient(restConfig, 5*time.Minute, make(chan struct{}), log.Log) - if err != nil { - return err - } - } var resources []*unstructured.Unstructured if len(resourcePaths) > 0 && resourcePaths[0] == "-" { @@ -257,6 +275,8 @@ func Command() *cobra.Command { cmd.Flags().StringVarP(&mutateLogPath, "output", "o", "", "Prints the mutated resources in provided file/directory") cmd.Flags().StringVarP(&variablesString, "set", "s", "", "Variables that are required") cmd.Flags().StringVarP(&valuesFile, "values_file", "f", "", "File containing values for policy variables") + cmd.Flags().BoolVarP(&policy_report, "policy_report", "", false, "Generates policy report when passed (default policyviolation r") + cmd.Flags().StringVarP(&scope, "scope", "", "", "Optional parameter passed with cluster flag") return cmd } diff --git a/pkg/kyverno/common/common.go b/pkg/kyverno/common/common.go index 58c36a18d7..10f503222e 100644 --- a/pkg/kyverno/common/common.go +++ b/pkg/kyverno/common/common.go @@ -19,38 +19,60 @@ import ( "github.com/kyverno/kyverno/pkg/kyverno/sanitizedError" "github.com/kyverno/kyverno/pkg/policymutation" "github.com/kyverno/kyverno/pkg/utils" + client "github.com/kyverno/kyverno/pkg/dclient" ) // GetPolicies - Extracting the policies from multiple YAML -func GetPolicies(paths []string) (policies []*v1.ClusterPolicy, error error) { +func GetPolicies(paths []string,cluster bool, dClient *client.Client) (policies []*v1.ClusterPolicy, error error) { for _, path := range paths { + + fmt.Println("------------------ -3 ") + path = filepath.Clean(path) + fmt.Println("------------------ -2 ") fileDesc, err := os.Stat(path) if err != nil { - return nil, err + fmt.Println(err) + p, err := getPolicyFromCluster(path, cluster, dClient) + + if err != nil { + return nil, err + } + policies = append(policies, p) + continue } + fmt.Println("------------------ -1 ") if fileDesc.IsDir() { + fmt.Println("------------------ 0 ") files, err := ioutil.ReadDir(path) if err != nil { + fmt.Println("------------------1") return nil, sanitizedError.NewWithError(fmt.Sprintf("failed to parse %v", path), err) } + fmt.Println("------------------2") listOfFiles := make([]string, 0) for _, file := range files { listOfFiles = append(listOfFiles, filepath.Join(path, file.Name())) } - policiesFromDir, err := GetPolicies(listOfFiles) + fmt.Println("------------------3") + policiesFromDir, err := GetPolicies(listOfFiles, cluster, dClient) if err != nil { return nil, sanitizedError.NewWithError(fmt.Sprintf("failed to extract policies from %v", listOfFiles), err) } + fmt.Println("------------------4") policies = append(policies, policiesFromDir...) } else { + fmt.Println("------------------5") file, err := ioutil.ReadFile(path) if err != nil { + fmt.Println("------------------6") + // check if cluster flag is passed and get the policy from cluster + getPolicyFromCluster(path, cluster, dClient) return nil, sanitizedError.NewWithError(fmt.Sprintf("failed to load file %v", path), err) } getPolicies, getErrors := utils.GetPolicy(file) @@ -73,9 +95,61 @@ func GetPolicies(paths []string) (policies []*v1.ClusterPolicy, error error) { return policies, nil } -//GetPoliciesValidation - validating policies -func GetPoliciesValidation(policyPaths []string) ([]*v1.ClusterPolicy, error) { - policies, err := GetPolicies(policyPaths) +func getPolicyFromCluster(policyName string,cluster bool, dClient *client.Client) (*v1.ClusterPolicy, error){ + fmt.Println("getPolicyFromCluster:", policyName, cluster, dClient) + + if !cluster { + return &v1.ClusterPolicy{}, nil + } + //var policy []*unstructured.Unstructured + policy, err := dClient.GetResource("", "ClusterPolicy", "", policyName, "") + + fmt.Println("********************* 1") + fmt.Println(policy) + + policyBytes, err := json.Marshal(policy.Object) + if err != nil { + fmt.Println("********************* 2") + fmt.Println(err) + return &v1.ClusterPolicy{}, err + } + + var p v1.ClusterPolicy + err = json.Unmarshal(policyBytes, &p) + + if err != nil { + fmt.Println("********************* 3") + fmt.Println(err) + return &v1.ClusterPolicy{}, err + } + + if err != nil { + fmt.Println("Error Occurred while fetching policy from cluster ", err) + } + + //for _, kind := range resourceTypes { + // resourceList, err := dClient.ListResource("", kind, "", nil) + // if err != nil { + // return nil, err + // } + // + // version := resourceList.GetAPIVersion() + // for _, resource := range resourceList.Items { + // resource.SetGroupVersionKind(schema.GroupVersionKind{ + // Group: "", + // Version: version, + // Kind: kind, + // }) + // resources = append(resources, resource.DeepCopy()) + // } + //} + + return &p, nil +} + +//ValidateAndGetPolicies - validating policies +func ValidateAndGetPolicies(policyPaths []string, cluster bool, dClient *client.Client) ([]*v1.ClusterPolicy, error) { + policies, err := GetPolicies(policyPaths, cluster, dClient) if err != nil { if !sanitizedError.IsErrorSanitized(err) { return nil, sanitizedError.NewWithError((fmt.Sprintf("failed to parse %v path/s.", policyPaths)), err) diff --git a/pkg/kyverno/common/fetch.go b/pkg/kyverno/common/fetch.go index 6bd9f44356..cb5de0a147 100644 --- a/pkg/kyverno/common/fetch.go +++ b/pkg/kyverno/common/fetch.go @@ -4,6 +4,7 @@ import ( "encoding/json" "errors" "io/ioutil" + "fmt" v1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1" "github.com/kyverno/kyverno/pkg/client/clientset/versioned/scheme" @@ -40,6 +41,7 @@ func GetResources(policies []*v1.ClusterPolicy, resourcePaths []string, dClient resources, err = getResourcesOfTypeFromCluster(resourceTypes, dClient) if err != nil { + fmt.Println("$$$$$$$$$$$$$$$$$$$$$$$$") return nil, err } } @@ -47,10 +49,12 @@ func GetResources(policies []*v1.ClusterPolicy, resourcePaths []string, dClient for _, resourcePath := range resourcePaths { resourceBytes, err := getFileBytes(resourcePath) if err != nil { + fmt.Println("######################## 1") return nil, err } getResources, err := GetResource(resourceBytes) if err != nil { + fmt.Println("######################## 2") return nil, err } @@ -64,17 +68,20 @@ func GetResources(policies []*v1.ClusterPolicy, resourcePaths []string, dClient // GetResource converts raw bytes to unstructured object func GetResource(resourceBytes []byte) ([]*unstructured.Unstructured, error) { + fmt.Println("@@@@@@@@@@@@@@@@@@@@@@ 1") resources := make([]*unstructured.Unstructured, 0) var getErrString string files, splitDocError := utils.SplitYAMLDocuments(resourceBytes) if splitDocError != nil { + fmt.Println("@@@@@@@@@@@@@@@@@@@@@@ 2") return nil, splitDocError } for _, resourceYaml := range files { resource, err := convertResourceToUnstructured(resourceYaml) if err != nil { + fmt.Println("@@@@@@@@@@@@@@@@@@@@@@ 3") getErrString = getErrString + err.Error() + "\n" } @@ -82,6 +89,7 @@ func GetResource(resourceBytes []byte) ([]*unstructured.Unstructured, error) { } if getErrString != "" { + fmt.Println("@@@@@@@@@@@@@@@@@@@@@@ 4") return nil, errors.New(getErrString) } @@ -89,11 +97,18 @@ func GetResource(resourceBytes []byte) ([]*unstructured.Unstructured, error) { } func getResourcesOfTypeFromCluster(resourceTypes []string, dClient *client.Client) ([]*unstructured.Unstructured, error) { + + fmt.Println("^^^^^^^^^^^^^^^^^^^ 1") + var resources []*unstructured.Unstructured for _, kind := range resourceTypes { + fmt.Println("kind:", kind) + resourceList, err := dClient.ListResource("", kind, "", nil) if err != nil { + fmt.Println("^^^^^^^^^^^^^^^^^^^ 2") + fmt.Println(err) return nil, err } @@ -107,6 +122,7 @@ func getResourcesOfTypeFromCluster(resourceTypes []string, dClient *client.Clien resources = append(resources, resource.DeepCopy()) } } + fmt.Println("^^^^^^^^^^^^^^^^^^^ 3") return resources, nil } @@ -123,21 +139,25 @@ func convertResourceToUnstructured(resourceYaml []byte) (*unstructured.Unstructu decode := scheme.Codecs.UniversalDeserializer().Decode resourceObject, metaData, err := decode(resourceYaml, nil, nil) if err != nil { + fmt.Println("!!!!!!!!!!!!!!!!! 1") return nil, err } resourceUnstructured, err := runtime.DefaultUnstructuredConverter.ToUnstructured(&resourceObject) if err != nil { + fmt.Println("!!!!!!!!!!!!!!!!! 2") return nil, err } resourceJSON, err := json.Marshal(resourceUnstructured) if err != nil { + fmt.Println("!!!!!!!!!!!!!!!!! 3") return nil, err } resource, err := engineutils.ConvertToUnstructured(resourceJSON) if err != nil { + fmt.Println("!!!!!!!!!!!!!!!!! 4") return nil, err } diff --git a/pkg/kyverno/validate/command.go b/pkg/kyverno/validate/command.go index cefe01aef6..6d38905130 100644 --- a/pkg/kyverno/validate/command.go +++ b/pkg/kyverno/validate/command.go @@ -21,6 +21,7 @@ import ( log "sigs.k8s.io/controller-runtime/pkg/log" yaml "sigs.k8s.io/yaml" + client "github.com/kyverno/kyverno/pkg/dclient" ) func Command() *cobra.Command { @@ -76,7 +77,9 @@ func Command() *cobra.Command { } } } else { - policies, err = common.GetPoliciesValidation(policyPaths) + cluster := false + var dClient *client.Client + policies, err = common.ValidateAndGetPolicies(policyPaths, cluster, dClient) if err != nil { if !sanitizedError.IsErrorSanitized(err) { return sanitizedError.NewWithError("failed to mutate policies.", err)