mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-16 04:28:42 +00:00
Code Activity

feat: add generateExisting field under the generate rule (#10441)

Browse source 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
This commit is contained in:
Mariam Fahmy 2024-06-13 20:41:46 +07:00 committed by GitHub
parent 19b71d746c
commit 846439b13e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
15 changed files with 310 additions and 114 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
api/kyverno/v1/common_types.go
View file

@ -656,6 +656,11 @@ func (v *ForEachValidation) SetAnyPattern(in apiextensions.JSON) {
// Generation defines how new resources should be created and managed. // Generation defines how new resources should be created and managed.
type Generation struct { type Generation struct {
// GenerateExisting controls whether to trigger the rule in existing resources
// If is set to "true" the rule will be triggered and applied to existing matched resources.
// +optional
GenerateExisting *bool `json:"generateExisting,omitempty" yaml:"generateExisting,omitempty"`
// ResourceSpec contains information to select the resource. // ResourceSpec contains information to select the resource.
ResourceSpec `json:",omitempty" yaml:",omitempty"` ResourceSpec `json:",omitempty" yaml:",omitempty"`
@ -690,6 +695,10 @@ type Generation struct {
CloneList CloneList `json:"cloneList,omitempty" yaml:"cloneList,omitempty"` CloneList CloneList `json:"cloneList,omitempty" yaml:"cloneList,omitempty"`
} }
func (g *Generation) IsGenerateExisting() *bool {
return g.GenerateExisting
}
type CloneList struct { type CloneList struct {
// Namespace specifies source resource namespace. // Namespace specifies source resource namespace.
Namespace string `json:"namespace,omitempty" yaml:"namespace,omitempty"` Namespace string `json:"namespace,omitempty" yaml:"namespace,omitempty"`

23
api/kyverno/v1/spec_types.go
View file

@ -111,9 +111,7 @@ type Spec struct {
// +optional // +optional
GenerateExistingOnPolicyUpdate *bool `json:"generateExistingOnPolicyUpdate,omitempty" yaml:"generateExistingOnPolicyUpdate,omitempty"` GenerateExistingOnPolicyUpdate *bool `json:"generateExistingOnPolicyUpdate,omitempty" yaml:"generateExistingOnPolicyUpdate,omitempty"`
// GenerateExisting controls whether to trigger generate rule in existing resources // Deprecated, use generateExisting under the generate rule instead
// If is set to "true" generate rule will be triggered and applied to existing matched resources.
// Defaults to "false" if not specified.
// +optional // +optional
GenerateExisting bool `json:"generateExisting,omitempty" yaml:"generateExisting,omitempty"` GenerateExisting bool `json:"generateExisting,omitempty" yaml:"generateExisting,omitempty"`
@ -251,6 +249,14 @@ func (s *Spec) GetMutateExistingOnPolicyUpdate() bool {
// IsGenerateExisting return GenerateExisting set value // IsGenerateExisting return GenerateExisting set value
func (s *Spec) IsGenerateExisting() bool { func (s *Spec) IsGenerateExisting() bool {
for _, rule := range s.Rules {
if rule.HasGenerate() {
isGenerateExisting := rule.Generation.IsGenerateExisting()
if isGenerateExisting != nil && *isGenerateExisting {
return true
}
}
}
if s.GenerateExistingOnPolicyUpdate != nil && *s.GenerateExistingOnPolicyUpdate { if s.GenerateExistingOnPolicyUpdate != nil && *s.GenerateExistingOnPolicyUpdate {
return true return true
} }
@ -307,8 +313,15 @@ func (s *Spec) ValidateRules(path *field.Path, namespaced bool, policyNamespace
} }
func (s *Spec) validateDeprecatedFields(path *field.Path) (errs field.ErrorList) { func (s *Spec) validateDeprecatedFields(path *field.Path) (errs field.ErrorList) {
if s.GenerateExistingOnPolicyUpdate != nil && s.GenerateExisting { for _, rule := range s.Rules {
errs = append(errs, field.Forbidden(path.Child("generateExistingOnPolicyUpdate"), "remove the deprecated field and use generateExisting instead")) if rule.HasGenerate() && rule.Generation.IsGenerateExisting() != nil {
if s.GenerateExistingOnPolicyUpdate != nil {
errs = append(errs, field.Forbidden(path.Child("generateExistingOnPolicyUpdate"), "remove the deprecated field and use spec.generate[*].generateExisting instead"))
}
if s.GenerateExisting {
errs = append(errs, field.Forbidden(path.Child("generateExisting"), "remove the deprecated field and use spec.generate[*].generateExisting instead"))
}
}
} }
return errs return errs
} }

5
api/kyverno/v1/zz_generated.deepcopy.go
View file

@ -637,6 +637,11 @@ func (in *ForEachValidation) DeepCopy() *ForEachValidation {
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Generation) DeepCopyInto(out *Generation) { func (in *Generation) DeepCopyInto(out *Generation) {
*out = *in *out = *in
if in.GenerateExisting != nil {
in, out := &in.GenerateExisting, &out.GenerateExisting
*out = new(bool)
**out = **in
}
out.ResourceSpec = in.ResourceSpec out.ResourceSpec = in.ResourceSpec
if in.RawData != nil { if in.RawData != nil {
in, out := &in.RawData, &out.RawData in, out := &in.RawData, &out.RawData

24
api/kyverno/v2beta1/spec_types.go
View file

@ -71,10 +71,7 @@ type Spec struct {
// +optional // +optional
GenerateExistingOnPolicyUpdate *bool `json:"generateExistingOnPolicyUpdate,omitempty" yaml:"generateExistingOnPolicyUpdate,omitempty"` GenerateExistingOnPolicyUpdate *bool `json:"generateExistingOnPolicyUpdate,omitempty" yaml:"generateExistingOnPolicyUpdate,omitempty"`
// GenerateExisting controls whether to trigger generate rule in existing resources // Deprecated, use generateExisting under the generate rule instead
// If is set to "true" generate rule will be triggered and applied to existing matched resources.
// Defaults to "false" if not specified.
// +optional
GenerateExisting bool `json:"generateExisting,omitempty" yaml:"generateExisting,omitempty"` GenerateExisting bool `json:"generateExisting,omitempty" yaml:"generateExisting,omitempty"`
// UseServerSideApply controls whether to use server-side apply for generate rules // UseServerSideApply controls whether to use server-side apply for generate rules
@ -218,6 +215,14 @@ func (s *Spec) GetMutateExistingOnPolicyUpdate() bool {
// IsGenerateExisting return GenerateExisting set value // IsGenerateExisting return GenerateExisting set value
func (s *Spec) IsGenerateExisting() bool { func (s *Spec) IsGenerateExisting() bool {
for _, rule := range s.Rules {
if rule.HasGenerate() {
isGenerateExisting := rule.Generation.IsGenerateExisting()
if isGenerateExisting != nil && *isGenerateExisting {
return true
}
}
}
if s.GenerateExistingOnPolicyUpdate != nil && *s.GenerateExistingOnPolicyUpdate { if s.GenerateExistingOnPolicyUpdate != nil && *s.GenerateExistingOnPolicyUpdate {
return true return true
} }
@ -263,8 +268,15 @@ func (s *Spec) ValidateRules(path *field.Path, namespaced bool, policyNamespace
} }
func (s *Spec) ValidateDeprecatedFields(path *field.Path) (errs field.ErrorList) { func (s *Spec) ValidateDeprecatedFields(path *field.Path) (errs field.ErrorList) {
if s.GenerateExistingOnPolicyUpdate != nil && s.GenerateExisting { for _, rule := range s.Rules {
errs = append(errs, field.Forbidden(path.Child("generateExistingOnPolicyUpdate"), "remove the deprecated field and use generateExisting instead")) if rule.HasGenerate() && rule.Generation.IsGenerateExisting() != nil {
if s.GenerateExistingOnPolicyUpdate != nil {
errs = append(errs, field.Forbidden(path.Child("generateExistingOnPolicyUpdate"), "remove the deprecated field and use spec.generate[*].generateExisting instead"))
}
if s.GenerateExisting {
errs = append(errs, field.Forbidden(path.Child("generateExisting"), "remove the deprecated field and use spec.generate[*].generateExisting instead"))
}
}
} }
return errs return errs
} }

32
charts/kyverno/charts/crds/templates/kyverno.io/kyverno.io_clusterpolicies.yaml
View file

@ -123,10 +123,8 @@ spec:
- Fail - Fail
type: string type: string
generateExisting: generateExisting:
description: |- description: Deprecated, use generateExisting under the generate rule
GenerateExisting controls whether to trigger generate rule in existing resources instead
If is set to "true" generate rule will be triggered and applied to existing matched resources.
Defaults to "false" if not specified.
type: boolean type: boolean
generateExistingOnPolicyUpdate: generateExistingOnPolicyUpdate:
description: Deprecated, use generateExisting instead description: Deprecated, use generateExisting instead
@ -1086,6 +1084,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -5304,6 +5307,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -8679,10 +8687,8 @@ spec:
- Fail - Fail
type: string type: string
generateExisting: generateExisting:
description: |- description: Deprecated, use generateExisting under the generate rule
GenerateExisting controls whether to trigger generate rule in existing resources instead
If is set to "true" generate rule will be triggered and applied to existing matched resources.
Defaults to "false" if not specified.
type: boolean type: boolean
generateExistingOnPolicyUpdate: generateExistingOnPolicyUpdate:
description: Deprecated, use generateExisting instead description: Deprecated, use generateExisting instead
@ -9440,6 +9446,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -13606,6 +13617,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string

32
charts/kyverno/charts/crds/templates/kyverno.io/kyverno.io_policies.yaml
View file

@ -124,10 +124,8 @@ spec:
- Fail - Fail
type: string type: string
generateExisting: generateExisting:
description: |- description: Deprecated, use generateExisting under the generate rule
GenerateExisting controls whether to trigger generate rule in existing resources instead
If is set to "true" generate rule will be triggered and applied to existing matched resources.
Defaults to "false" if not specified.
type: boolean type: boolean
generateExistingOnPolicyUpdate: generateExistingOnPolicyUpdate:
description: Deprecated, use generateExisting instead description: Deprecated, use generateExisting instead
@ -1087,6 +1085,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -5306,6 +5309,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -8682,10 +8690,8 @@ spec:
- Fail - Fail
type: string type: string
generateExisting: generateExisting:
description: |- description: Deprecated, use generateExisting under the generate rule
GenerateExisting controls whether to trigger generate rule in existing resources instead
If is set to "true" generate rule will be triggered and applied to existing matched resources.
Defaults to "false" if not specified.
type: boolean type: boolean
generateExistingOnPolicyUpdate: generateExistingOnPolicyUpdate:
description: Deprecated, use generateExisting instead description: Deprecated, use generateExisting instead
@ -9443,6 +9449,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -13609,6 +13620,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string

32
cmd/cli/kubectl-kyverno/data/crds/kyverno.io_clusterpolicies.yaml
View file

@ -117,10 +117,8 @@ spec:
- Fail - Fail
type: string type: string
generateExisting: generateExisting:
description: |- description: Deprecated, use generateExisting under the generate rule
GenerateExisting controls whether to trigger generate rule in existing resources instead
If is set to "true" generate rule will be triggered and applied to existing matched resources.
Defaults to "false" if not specified.
type: boolean type: boolean
generateExistingOnPolicyUpdate: generateExistingOnPolicyUpdate:
description: Deprecated, use generateExisting instead description: Deprecated, use generateExisting instead
@ -1080,6 +1078,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -5298,6 +5301,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -8673,10 +8681,8 @@ spec:
- Fail - Fail
type: string type: string
generateExisting: generateExisting:
description: |- description: Deprecated, use generateExisting under the generate rule
GenerateExisting controls whether to trigger generate rule in existing resources instead
If is set to "true" generate rule will be triggered and applied to existing matched resources.
Defaults to "false" if not specified.
type: boolean type: boolean
generateExistingOnPolicyUpdate: generateExistingOnPolicyUpdate:
description: Deprecated, use generateExisting instead description: Deprecated, use generateExisting instead
@ -9434,6 +9440,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -13600,6 +13611,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string

32
cmd/cli/kubectl-kyverno/data/crds/kyverno.io_policies.yaml
View file

@ -118,10 +118,8 @@ spec:
- Fail - Fail
type: string type: string
generateExisting: generateExisting:
description: |- description: Deprecated, use generateExisting under the generate rule
GenerateExisting controls whether to trigger generate rule in existing resources instead
If is set to "true" generate rule will be triggered and applied to existing matched resources.
Defaults to "false" if not specified.
type: boolean type: boolean
generateExistingOnPolicyUpdate: generateExistingOnPolicyUpdate:
description: Deprecated, use generateExisting instead description: Deprecated, use generateExisting instead
@ -1081,6 +1079,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -5300,6 +5303,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -8676,10 +8684,8 @@ spec:
- Fail - Fail
type: string type: string
generateExisting: generateExisting:
description: |- description: Deprecated, use generateExisting under the generate rule
GenerateExisting controls whether to trigger generate rule in existing resources instead
If is set to "true" generate rule will be triggered and applied to existing matched resources.
Defaults to "false" if not specified.
type: boolean type: boolean
generateExistingOnPolicyUpdate: generateExistingOnPolicyUpdate:
description: Deprecated, use generateExisting instead description: Deprecated, use generateExisting instead
@ -9437,6 +9443,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -13603,6 +13614,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string

32
config/crds/kyverno/kyverno.io_clusterpolicies.yaml
View file

@ -117,10 +117,8 @@ spec:
- Fail - Fail
type: string type: string
generateExisting: generateExisting:
description: |- description: Deprecated, use generateExisting under the generate rule
GenerateExisting controls whether to trigger generate rule in existing resources instead
If is set to "true" generate rule will be triggered and applied to existing matched resources.
Defaults to "false" if not specified.
type: boolean type: boolean
generateExistingOnPolicyUpdate: generateExistingOnPolicyUpdate:
description: Deprecated, use generateExisting instead description: Deprecated, use generateExisting instead
@ -1080,6 +1078,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -5298,6 +5301,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -8673,10 +8681,8 @@ spec:
- Fail - Fail
type: string type: string
generateExisting: generateExisting:
description: |- description: Deprecated, use generateExisting under the generate rule
GenerateExisting controls whether to trigger generate rule in existing resources instead
If is set to "true" generate rule will be triggered and applied to existing matched resources.
Defaults to "false" if not specified.
type: boolean type: boolean
generateExistingOnPolicyUpdate: generateExistingOnPolicyUpdate:
description: Deprecated, use generateExisting instead description: Deprecated, use generateExisting instead
@ -9434,6 +9440,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -13600,6 +13611,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string

32
config/crds/kyverno/kyverno.io_policies.yaml
View file

@ -118,10 +118,8 @@ spec:
- Fail - Fail
type: string type: string
generateExisting: generateExisting:
description: |- description: Deprecated, use generateExisting under the generate rule
GenerateExisting controls whether to trigger generate rule in existing resources instead
If is set to "true" generate rule will be triggered and applied to existing matched resources.
Defaults to "false" if not specified.
type: boolean type: boolean
generateExistingOnPolicyUpdate: generateExistingOnPolicyUpdate:
description: Deprecated, use generateExisting instead description: Deprecated, use generateExisting instead
@ -1081,6 +1079,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -5300,6 +5303,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -8676,10 +8684,8 @@ spec:
- Fail - Fail
type: string type: string
generateExisting: generateExisting:
description: |- description: Deprecated, use generateExisting under the generate rule
GenerateExisting controls whether to trigger generate rule in existing resources instead
If is set to "true" generate rule will be triggered and applied to existing matched resources.
Defaults to "false" if not specified.
type: boolean type: boolean
generateExistingOnPolicyUpdate: generateExistingOnPolicyUpdate:
description: Deprecated, use generateExisting instead description: Deprecated, use generateExisting instead
@ -9437,6 +9443,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -13603,6 +13614,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string

64
config/install-latest-testing.yaml
View file

@ -10324,10 +10324,8 @@ spec:
- Fail - Fail
type: string type: string
generateExisting: generateExisting:
description: |- description: Deprecated, use generateExisting under the generate rule
GenerateExisting controls whether to trigger generate rule in existing resources instead
If is set to "true" generate rule will be triggered and applied to existing matched resources.
Defaults to "false" if not specified.
type: boolean type: boolean
generateExistingOnPolicyUpdate: generateExistingOnPolicyUpdate:
description: Deprecated, use generateExisting instead description: Deprecated, use generateExisting instead
@ -11287,6 +11285,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -15505,6 +15508,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -18880,10 +18888,8 @@ spec:
- Fail - Fail
type: string type: string
generateExisting: generateExisting:
description: |- description: Deprecated, use generateExisting under the generate rule
GenerateExisting controls whether to trigger generate rule in existing resources instead
If is set to "true" generate rule will be triggered and applied to existing matched resources.
Defaults to "false" if not specified.
type: boolean type: boolean
generateExistingOnPolicyUpdate: generateExistingOnPolicyUpdate:
description: Deprecated, use generateExisting instead description: Deprecated, use generateExisting instead
@ -19641,6 +19647,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -23807,6 +23818,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -27465,10 +27481,8 @@ spec:
- Fail - Fail
type: string type: string
generateExisting: generateExisting:
description: |- description: Deprecated, use generateExisting under the generate rule
GenerateExisting controls whether to trigger generate rule in existing resources instead
If is set to "true" generate rule will be triggered and applied to existing matched resources.
Defaults to "false" if not specified.
type: boolean type: boolean
generateExistingOnPolicyUpdate: generateExistingOnPolicyUpdate:
description: Deprecated, use generateExisting instead description: Deprecated, use generateExisting instead
@ -28428,6 +28442,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -32647,6 +32666,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -36023,10 +36047,8 @@ spec:
- Fail - Fail
type: string type: string
generateExisting: generateExisting:
description: |- description: Deprecated, use generateExisting under the generate rule
GenerateExisting controls whether to trigger generate rule in existing resources instead
If is set to "true" generate rule will be triggered and applied to existing matched resources.
Defaults to "false" if not specified.
type: boolean type: boolean
generateExistingOnPolicyUpdate: generateExistingOnPolicyUpdate:
description: Deprecated, use generateExisting instead description: Deprecated, use generateExisting instead
@ -36784,6 +36806,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string
@ -40950,6 +40977,11 @@ spec:
At most one of Data or Clone must be specified. If neither are provided, the generated At most one of Data or Clone must be specified. If neither are provided, the generated
resource will be created with default data only. resource will be created with default data only.
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
generateExisting:
description: |-
GenerateExisting controls whether to trigger the rule in existing resources
If is set to "true" the rule will be triggered and applied to existing matched resources.
type: boolean
kind: kind:
description: Kind specifies resource kind. description: Kind specifies resource kind.
type: string type: string

40
docs/user/crd/index.html
View file

@ -274,9 +274,7 @@ bool
</td> </td>
<td> <td>
<em>(Optional)</em> <em>(Optional)</em>
<p>GenerateExisting controls whether to trigger generate rule in existing resources <p>Deprecated, use generateExisting under the generate rule instead</p>
If is set to &ldquo;true&rdquo; generate rule will be triggered and applied to existing matched resources.
Defaults to &ldquo;false&rdquo; if not specified.</p>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -552,9 +550,7 @@ bool
</td> </td>
<td> <td>
<em>(Optional)</em> <em>(Optional)</em>
<p>GenerateExisting controls whether to trigger generate rule in existing resources <p>Deprecated, use generateExisting under the generate rule instead</p>
If is set to &ldquo;true&rdquo; generate rule will be triggered and applied to existing matched resources.
Defaults to &ldquo;false&rdquo; if not specified.</p>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -1932,6 +1928,19 @@ Kubernetes apiextensions/v1.JSON
<tbody> <tbody>
<tr> <tr>
<td> <td>
<code>generateExisting</code><br/>
<em>
bool
</em>
</td>
<td>
<em>(Optional)</em>
<p>GenerateExisting controls whether to trigger the rule in existing resources
If is set to &ldquo;true&rdquo; the rule will be triggered and applied to existing matched resources.</p>
</td>
</tr>
<tr>
<td>
<code>ResourceSpec</code><br/> <code>ResourceSpec</code><br/>
<em> <em>
<a href="#kyverno.io/v1.ResourceSpec"> <a href="#kyverno.io/v1.ResourceSpec">
@ -4046,9 +4055,7 @@ bool
</td> </td>
<td> <td>
<em>(Optional)</em> <em>(Optional)</em>
<p>GenerateExisting controls whether to trigger generate rule in existing resources <p>Deprecated, use generateExisting under the generate rule instead</p>
If is set to &ldquo;true&rdquo; generate rule will be triggered and applied to existing matched resources.
Defaults to &ldquo;false&rdquo; if not specified.</p>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -8809,10 +8816,7 @@ bool
</em> </em>
</td> </td>
<td> <td>
<em>(Optional)</em> <p>Deprecated, use generateExisting under the generate rule instead</p>
<p>GenerateExisting controls whether to trigger generate rule in existing resources
If is set to &ldquo;true&rdquo; generate rule will be triggered and applied to existing matched resources.
Defaults to &ldquo;false&rdquo; if not specified.</p>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -9086,10 +9090,7 @@ bool
</em> </em>
</td> </td>
<td> <td>
<em>(Optional)</em> <p>Deprecated, use generateExisting under the generate rule instead</p>
<p>GenerateExisting controls whether to trigger generate rule in existing resources
If is set to &ldquo;true&rdquo; generate rule will be triggered and applied to existing matched resources.
Defaults to &ldquo;false&rdquo; if not specified.</p>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -10483,10 +10484,7 @@ bool
</em> </em>
</td> </td>
<td> <td>
<em>(Optional)</em> <p>Deprecated, use generateExisting under the generate rule instead</p>
<p>GenerateExisting controls whether to trigger generate rule in existing resources
If is set to &ldquo;true&rdquo; generate rule will be triggered and applied to existing matched resources.
Defaults to &ldquo;false&rdquo; if not specified.</p>
</td> </td>
</tr> </tr>
<tr> <tr>

40
docs/user/crd/kyverno.v1.html
View file

@ -482,9 +482,7 @@ Default value is &quot;false&quot;.</p>
<td> <td>
<p>GenerateExisting controls whether to trigger generate rule in existing resources <p>Deprecated, use generateExisting under the generate rule instead</p>
If is set to &quot;true&quot; generate rule will be triggered and applied to existing matched resources.
Defaults to &quot;false&quot; if not specified.</p>
@ -1046,9 +1044,7 @@ Default value is &quot;false&quot;.</p>
<td> <td>
<p>GenerateExisting controls whether to trigger generate rule in existing resources <p>Deprecated, use generateExisting under the generate rule instead</p>
If is set to &quot;true&quot; generate rule will be triggered and applied to existing matched resources.
Defaults to &quot;false&quot; if not specified.</p>
@ -3878,6 +3874,34 @@ must be satisfied for the validation rule to succeed.</p>
<tr>
<td><code>generateExisting</code>
</br>
<span style="font-family: monospace">bool</span>
</td>
<td>
<p>GenerateExisting controls whether to trigger the rule in existing resources
If is set to &quot;true&quot; the rule will be triggered and applied to existing matched resources.</p>
</td>
</tr>
<tr> <tr>
<td><code>ResourceSpec</code> <td><code>ResourceSpec</code>
@ -8004,9 +8028,7 @@ Default value is &quot;false&quot;.</p>
<td> <td>
<p>GenerateExisting controls whether to trigger generate rule in existing resources <p>Deprecated, use generateExisting under the generate rule instead</p>
If is set to &quot;true&quot; generate rule will be triggered and applied to existing matched resources.
Defaults to &quot;false&quot; if not specified.</p>

18
docs/user/crd/kyverno.v2beta1.html
View file

@ -1069,6 +1069,8 @@ Default value is &quot;false&quot;.</p>
<tr> <tr>
<td><code>generateExisting</code> <td><code>generateExisting</code>
<span style="color:blue;"> *</span>
</br> </br>
@ -1081,9 +1083,7 @@ Default value is &quot;false&quot;.</p>
<td> <td>
<p>GenerateExisting controls whether to trigger generate rule in existing resources <p>Deprecated, use generateExisting under the generate rule instead</p>
If is set to &quot;true&quot; generate rule will be triggered and applied to existing matched resources.
Defaults to &quot;false&quot; if not specified.</p>
@ -1632,6 +1632,8 @@ Default value is &quot;false&quot;.</p>
<tr> <tr>
<td><code>generateExisting</code> <td><code>generateExisting</code>
<span style="color:blue;"> *</span>
</br> </br>
@ -1644,9 +1646,7 @@ Default value is &quot;false&quot;.</p>
<td> <td>
<p>GenerateExisting controls whether to trigger generate rule in existing resources <p>Deprecated, use generateExisting under the generate rule instead</p>
If is set to &quot;true&quot; generate rule will be triggered and applied to existing matched resources.
Defaults to &quot;false&quot; if not specified.</p>
@ -4412,6 +4412,8 @@ Default value is &quot;false&quot;.</p>
<tr> <tr>
<td><code>generateExisting</code> <td><code>generateExisting</code>
<span style="color:blue;"> *</span>
</br> </br>
@ -4424,9 +4426,7 @@ Default value is &quot;false&quot;.</p>
<td> <td>
<p>GenerateExisting controls whether to trigger generate rule in existing resources <p>Deprecated, use generateExisting under the generate rule instead</p>
If is set to &quot;true&quot; generate rule will be triggered and applied to existing matched resources.
Defaults to &quot;false&quot; if not specified.</p>

9
pkg/client/applyconfigurations/kyverno/v1/generation.go
View file

@ -26,6 +26,7 @@ import (
// GenerationApplyConfiguration represents an declarative configuration of the Generation type for use // GenerationApplyConfiguration represents an declarative configuration of the Generation type for use
// with apply. // with apply.
type GenerationApplyConfiguration struct { type GenerationApplyConfiguration struct {
GenerateExisting *bool `json:"generateExisting,omitempty"`
*ResourceSpecApplyConfiguration `json:"ResourceSpec,omitempty"` *ResourceSpecApplyConfiguration `json:"ResourceSpec,omitempty"`
Synchronize *bool `json:"synchronize,omitempty"` Synchronize *bool `json:"synchronize,omitempty"`
OrphanDownstreamOnPolicyDelete *bool `json:"orphanDownstreamOnPolicyDelete,omitempty"` OrphanDownstreamOnPolicyDelete *bool `json:"orphanDownstreamOnPolicyDelete,omitempty"`
@ -40,6 +41,14 @@ func Generation() *GenerationApplyConfiguration {
return &GenerationApplyConfiguration{} return &GenerationApplyConfiguration{}
} }
// WithGenerateExisting sets the GenerateExisting field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the GenerateExisting field is set to the value of the last call.
func (b *GenerationApplyConfiguration) WithGenerateExisting(value bool) *GenerationApplyConfiguration {
b.GenerateExisting = &value
return b
}
// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value // WithAPIVersion sets the APIVersion field in the declarative configuration to the given value
// and returns the receiver, so that objects can be built by chaining "With" function invocations. // and returns the receiver, so that objects can be built by chaining "With" function invocations.
// If called multiple times, the APIVersion field is set to the value of the last call. // If called multiple times, the APIVersion field is set to the value of the last call.