- remove resource info per rule; - add resource info in each failed admission request

2025-04-16 09:16:24 +00:00 · 2019-11-06 17:14:32 -08:00 · 2019-11-06 17:14:32 -08:00 · 8496a483dc
commit 8496a483dc
parent 42150f95da
3 changed files with 8 additions and 5 deletions
--- a/pkg/engine/overlay.go
+++ b/pkg/engine/overlay.go
@ -36,7 +36,7 @@ func processOverlay(rule kyverno.Rule, resource unstructured.Unstructured) (resp
 		case conditionNotPresent:
 			glog.Infof("Resource %s/%s/%s: %s", resource.GetKind(), resource.GetNamespace(), resource.GetName(), overlayerr.ErrorMsg())
 			response.Success = true
-			response.Message = fmt.Sprintf("Resource %s/%s/%s: %s.", resource.GetKind(), resource.GetNamespace(), resource.GetName(), overlayerr.ErrorMsg())
+			response.Message = overlayerr.ErrorMsg()
 			return response, resource
 		// conditions are not met, don't apply this rule
 		// consider as failure
@ -44,7 +44,7 @@ func processOverlay(rule kyverno.Rule, resource unstructured.Unstructured) (resp
 			glog.Errorf("Resource %s/%s/%s does not meet the conditions in the rule %s with overlay pattern %s", resource.GetKind(), resource.GetNamespace(), resource.GetName(), rule.Name, rule.Mutation.Overlay)
 			//TODO: send zero response and not consider this as applied?
 			response.Success = false
-			response.Message = fmt.Sprintf("Resource %s/%s/%s: %v.", resource.GetKind(), resource.GetNamespace(), resource.GetName(), overlayerr.ErrorMsg())
+			response.Message = overlayerr.ErrorMsg()
 			return response, resource
 		// rule application failed
 		case overlayFailure:
--- a/pkg/webhooks/annotations.go
+++ b/pkg/webhooks/annotations.go
@ -3,10 +3,9 @@ package webhooks
 import (
 	"encoding/json"
 	"github.com/nirmata/kyverno/pkg/engine"
 	jsonpatch "github.com/evanphx/json-patch"
 	"github.com/golang/glog"
 	"github.com/nirmata/kyverno/pkg/engine"
 )
 const (
--- a/pkg/webhooks/utils.go
+++ b/pkg/webhooks/utils.go
@ -33,8 +33,12 @@ func toBlockResource(engineReponses []engine.EngineResponse) bool {
 func getErrorMsg(engineReponses []engine.EngineResponse) string {
 	var str []string
 	var resourceInfo string
 	for _, er := range engineReponses {
 		if !er.IsSuccesful() {
 			// resource in engineReponses is identical as this was called per admission request
 			resourceInfo = fmt.Sprintf("%s/%s/%s", er.PolicyResponse.Resource.Kind, er.PolicyResponse.Resource.Namespace, er.PolicyResponse.Resource.Name)
 			str = append(str, fmt.Sprintf("failed policy %s", er.PolicyResponse.Policy))
 			for _, rule := range er.PolicyResponse.Rules {
 				if !rule.Success {
@ -43,7 +47,7 @@ func getErrorMsg(engineReponses []engine.EngineResponse) string {
 			}
 		}
 	}
-	return strings.Join(str, "\n")
+	return fmt.Sprintf("Resource %s: %s", resourceInfo, strings.Join(str, "\n"))
 }
 //ArrayFlags to store filterkinds