1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-15 17:51:20 +00:00

Exit with WARN code if no objects satisfy a policy (#6678)

Signed-off-by: Yurii Rochniak <yrochnyak@gmail.com>
Co-authored-by: shuting <shuting@nirmata.com>
This commit is contained in:
Yurii Rochniak 2023-03-27 11:18:44 +02:00 committed by GitHub
parent 6a60a3da2b
commit 86e28d2848
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -65,6 +65,7 @@ type ApplyCommandConfig struct {
PolicyPaths []string
GitBranch string
warnExitCode int
warnNoPassed bool
}
var (
@ -174,7 +175,7 @@ func Command() *cobra.Command {
return err
}
PrintReportOrViolation(applyCommandConfig.PolicyReport, rc, applyCommandConfig.ResourcePaths, len(resources), skipInvalidPolicies, applyCommandConfig.Stdin, pvInfos, applyCommandConfig.warnExitCode)
PrintReportOrViolation(applyCommandConfig.PolicyReport, rc, applyCommandConfig.ResourcePaths, len(resources), skipInvalidPolicies, applyCommandConfig.Stdin, pvInfos, applyCommandConfig.warnExitCode, applyCommandConfig.warnNoPassed)
return nil
},
}
@ -194,6 +195,7 @@ func Command() *cobra.Command {
cmd.Flags().StringVarP(&applyCommandConfig.GitBranch, "git-branch", "b", "", "test git repository branch")
cmd.Flags().BoolVarP(&applyCommandConfig.AuditWarn, "audit-warn", "", false, "If set to true, will flag audit policies as warnings instead of failures")
cmd.Flags().IntVar(&applyCommandConfig.warnExitCode, "warn-exit-code", 0, "Set the exit code for warnings; if failures or errors are found, will exit 1")
cmd.Flags().BoolVarP(&applyCommandConfig.warnNoPassed, "warn-no-pass", "", false, "Specify if warning exit code should be raised if no objects satisfied a policy; can be used together with --warn-exit-code flag")
return cmd
}
@ -465,7 +467,7 @@ func checkMutateLogPath(mutateLogPath string) (mutateLogPathIsDir bool, err erro
}
// PrintReportOrViolation - printing policy report/violations
func PrintReportOrViolation(policyReport bool, rc *common.ResultCounts, resourcePaths []string, resourcesLen int, skipInvalidPolicies SkippedInvalidPolicies, stdin bool, pvInfos []common.Info, warnExitCode int) {
func PrintReportOrViolation(policyReport bool, rc *common.ResultCounts, resourcePaths []string, resourcesLen int, skipInvalidPolicies SkippedInvalidPolicies, stdin bool, pvInfos []common.Info, warnExitCode int, warnNoPassed bool) {
divider := "----------------------------------------------------------------------"
if len(skipInvalidPolicies.skipped) > 0 {
@ -509,6 +511,8 @@ func PrintReportOrViolation(policyReport bool, rc *common.ResultCounts, resource
osExit(1)
} else if rc.Warn > 0 && warnExitCode != 0 {
osExit(warnExitCode)
} else if rc.Pass == 0 && warnNoPassed {
osExit(warnExitCode)
}
}