mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-05 15:37:19 +00:00
Code Activity

change util function for retrieving kind, name and namespace from resource RAW

Browse source
This commit is contained in:
shuting 2019-05-02 11:15:23 -07:00
parent 72d0cc853e
commit 8558ba3d64
3 changed files with 18 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
webhooks/admission.go
View file

@ -58,7 +58,7 @@ func IsRuleApplicableToResource(kind string, resourceRaw []byte, policyResource
if resourceRaw != nil { if resourceRaw != nil {
meta := parseMetadataFromObject(resourceRaw) meta := parseMetadataFromObject(resourceRaw)
name := parseNameFromMetadata(meta) name := parseNameFromObject(resourceRaw)
if policyResource.Name != nil { if policyResource.Name != nil {

13
webhooks/mutation.go
View file

@ -76,9 +76,8 @@ func (mw *MutationWebhook) Mutate(request *v1beta1.AdmissionRequest) *v1beta1.Ad
} }
if len(policyPatches) > 0 { if len(policyPatches) > 0 {
meta := parseMetadataFromObject(request.Object.Raw) namespace := parseNamespaceFromObject(request.Object.Raw)
namespace := parseNamespaceFromMetadata(meta) name := parseNameFromObject(request.Object.Raw)
name := parseNameFromMetadata(meta)
mw.controller.LogPolicyInfo(policy.Name, fmt.Sprintf("Applied to %s %s/%s", request.Kind.Kind, namespace, name)) mw.controller.LogPolicyInfo(policy.Name, fmt.Sprintf("Applied to %s %s/%s", request.Kind.Kind, namespace, name))
mw.logger.Printf("%s applied to %s %s/%s", policy.Name, request.Kind.Kind, namespace, name) mw.logger.Printf("%s applied to %s %s/%s", policy.Name, request.Kind.Kind, namespace, name)
@ -117,10 +116,9 @@ func (mw *MutationWebhook) applyPolicyRulesOnResource(kind string, rawResource [
var policyPatches []PatchBytes var policyPatches []PatchBytes
var violations []violation.Info var violations []violation.Info
meta := parseMetadataFromObject(rawResource)
resourceKind := parseKindFromObject(rawResource) resourceKind := parseKindFromObject(rawResource)
resourceName := parseNameFromMetadata(meta) resourceName := parseNameFromObject(rawResource)
ns := parseNamespaceFromMetadata(meta) ns := parseNamespaceFromObject(rawResource)
for ruleIdx, rule := range policy.Spec.Rules { for ruleIdx, rule := range policy.Spec.Rules {
err := rule.Validate() err := rule.Validate()
@ -192,8 +190,7 @@ func (mw *MutationWebhook) applyPolicyRulesOnResource(kind string, rawResource [
// Applies "configMapGenerator" and "secretGenerator" described in PolicyRule // Applies "configMapGenerator" and "secretGenerator" described in PolicyRule
func (mw *MutationWebhook) applyRuleGenerators(rawResource []byte, rule types.PolicyRule) error { func (mw *MutationWebhook) applyRuleGenerators(rawResource []byte, rule types.PolicyRule) error {
meta := parseMetadataFromObject(rawResource) namespaceName := parseNameFromObject(rawResource)
namespaceName := parseNameFromMetadata(meta)
err := mw.applyConfigGenerator(rule.ConfigMapGenerator, namespaceName, "ConfigMap") err := mw.applyConfigGenerator(rule.ConfigMapGenerator, namespaceName, "ConfigMap")
if err == nil { if err == nil {

14
webhooks/utils.go
View file

@ -33,14 +33,24 @@ func parseLabelsFromMetadata(meta map[string]interface{}) labels.Set {
return nil return nil
} }
func parseNameFromMetadata(meta map[string]interface{}) string { func parseNameFromObject(bytes []byte) string {
var objectJSON map[string]interface{}
json.Unmarshal(bytes, &objectJSON)
meta := objectJSON["metadata"].(map[string]interface{})
if name, ok := meta["name"].(string); ok { if name, ok := meta["name"].(string); ok {
return name return name
} }
return "" return ""
} }
func parseNamespaceFromMetadata(meta map[string]interface{}) string { func parseNamespaceFromObject(bytes []byte) string {
var objectJSON map[string]interface{}
json.Unmarshal(bytes, &objectJSON)
meta := objectJSON["metadata"].(map[string]interface{})
if namespace, ok := meta["namespace"].(string); ok { if namespace, ok := meta["namespace"].(string); ok {
return namespace return namespace
} }