From 86045fc02c15edfe2c9aaa3c39222fe818fc2514 Mon Sep 17 00:00:00 2001
From: Arsh Sharma <56963264+RinkiyaKeDad@users.noreply.github.com>
Date: Tue, 22 Jun 2021 07:07:20 +0530
Subject: [PATCH] adding support for policies.kyverno.io/scored annotation
 (#1976)

* initial commit

Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>

* added debug statements

Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>

* fixed report

Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>

* removed code for debugging

Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>

* newline fix

Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>

* fix default case

Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
---
 pkg/policyreport/builder.go | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/pkg/policyreport/builder.go b/pkg/policyreport/builder.go
index 1cb29ceab8..c277f35a4e 100755
--- a/pkg/policyreport/builder.go
+++ b/pkg/policyreport/builder.go
@@ -145,7 +145,7 @@ func (builder *requestBuilder) buildRCRResult(policy string, resource response.R
 				UID:        types.UID(resource.UID),
 			},
 		},
-		Scored:   true,
+		Scored:   av.scored,
 		Category: av.category,
 		Severity: av.severity,
 	}
@@ -153,6 +153,9 @@ func (builder *requestBuilder) buildRCRResult(policy string, resource response.R
 	result.Rule = rule.Name
 	result.Message = rule.Message
 	result.Status = report.PolicyStatus(rule.Check)
+	if result.Status == "fail" && !av.scored {
+		result.Status = "warn"
+	}
 	return result
 }
 
@@ -258,10 +261,12 @@ func buildViolatedRules(er *response.EngineResponse) []kyverno.ViolatedRule {
 
 const categoryLabel string = "policies.kyverno.io/category"
 const severityLabel string = "policies.kyverno.io/severity"
+const scoredLabel string = "policies.kyverno.io/scored"
 
 type annotationValues struct {
 	category string
 	severity report.PolicySeverity
+	scored   bool
 }
 
 func (av *annotationValues) setSeverityFromString(severity string) {
@@ -285,6 +290,15 @@ func (builder *requestBuilder) fetchAnnotationValues(policy, ns string) annotati
 	if severity, ok := ann[severityLabel]; ok {
 		av.setSeverityFromString(severity)
 	}
+	if scored, ok := ann[scoredLabel]; ok {
+		if scored == "false" {
+			av.scored = false
+		} else {
+			av.scored = true
+		}
+	} else {
+		av.scored = true
+	}
 
 	return av
 }