mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-04-15 16:56:56 +00:00
Code Activity

- remove resource info per rule; - add resource info in each failed admission request

Browse source
This commit is contained in:
Shuting Zhao 2019-11-06 17:14:32 -08:00
parent 42150f95da
commit 8496a483dc
3 changed files with 8 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
pkg/engine/overlay.go
View file

@ -36,7 +36,7 @@ func processOverlay(rule kyverno.Rule, resource unstructured.Unstructured) (resp
case conditionNotPresent:
glog.Infof("Resource %s/%s/%s: %s", resource.GetKind(), resource.GetNamespace(), resource.GetName(), overlayerr.ErrorMsg())
response.Success = true
response.Message = fmt.Sprintf("Resource %s/%s/%s: %s.", resource.GetKind(), resource.GetNamespace(), resource.GetName(), overlayerr.ErrorMsg())
response.Message = overlayerr.ErrorMsg()
return response, resource
// conditions are not met, don't apply this rule
// consider as failure
@ -44,7 +44,7 @@ func processOverlay(rule kyverno.Rule, resource unstructured.Unstructured) (resp
glog.Errorf("Resource %s/%s/%s does not meet the conditions in the rule %s with overlay pattern %s", resource.GetKind(), resource.GetNamespace(), resource.GetName(), rule.Name, rule.Mutation.Overlay)
//TODO: send zero response and not consider this as applied?
response.Success = false
response.Message = fmt.Sprintf("Resource %s/%s/%s: %v.", resource.GetKind(), resource.GetNamespace(), resource.GetName(), overlayerr.ErrorMsg())
response.Message = overlayerr.ErrorMsg()
return response, resource
// rule application failed
case overlayFailure:

3
pkg/webhooks/annotations.go
View file

@ -3,10 +3,9 @@ package webhooks
import (
"encoding/json"
"github.com/nirmata/kyverno/pkg/engine"
jsonpatch "github.com/evanphx/json-patch"
"github.com/golang/glog"
"github.com/nirmata/kyverno/pkg/engine"
)
const (

6
pkg/webhooks/utils.go
View file

@ -33,8 +33,12 @@ func toBlockResource(engineReponses []engine.EngineResponse) bool {
func getErrorMsg(engineReponses []engine.EngineResponse) string {
var str []string
var resourceInfo string
for _, er := range engineReponses {
if !er.IsSuccesful() {
// resource in engineReponses is identical as this was called per admission request
resourceInfo = fmt.Sprintf("%s/%s/%s", er.PolicyResponse.Resource.Kind, er.PolicyResponse.Resource.Namespace, er.PolicyResponse.Resource.Name)
str = append(str, fmt.Sprintf("failed policy %s", er.PolicyResponse.Policy))
for _, rule := range er.PolicyResponse.Rules {
if !rule.Success {
@ -43,7 +47,7 @@ func getErrorMsg(engineReponses []engine.EngineResponse) string {
}
}
}
return strings.Join(str, "\n")
return fmt.Sprintf("Resource %s: %s", resourceInfo, strings.Join(str, "\n"))
}
//ArrayFlags to store filterkinds