added source label logic to validate policy

2025-03-31 03:45:17 +00:00 · 2020-12-30 12:10:41 +05:30 · 2020-12-30 12:10:41 +05:30 · 887fa10049
commit 887fa10049
parent bbb5dc01a7
2 changed files with 40 additions and 32 deletions
--- a/pkg/generate/generate.go
+++ b/pkg/generate/generate.go
@ -465,38 +465,6 @@ func manageClone(log logr.Logger, apiVersion, kind, namespace, name, policy stri
 		return nil, Skip, fmt.Errorf("source resource %s %s/%s/%s not found. %v", apiVersion, kind, rNamespace, rName, err)
 	}

-	updateSource := true
-
-	// add label
-	label := obj.GetLabels()
-	if len(label) == 0 {
-		label = make(map[string]string)
-		label["generate.kyverno.io/clone-policy-name"] = policy
-	} else {
-		if label["generate.kyverno.io/clone-policy-name"] != "" {
-			policyNames := label["generate.kyverno.io/clone-policy-name"]
-			if !strings.Contains(policyNames, policy) {
-				policyNames = policyNames + "," + policy
-				label["generate.kyverno.io/clone-policy-name"] = policyNames
-			} else {
-				updateSource = false
-			}
-		} else {
-			label["generate.kyverno.io/clone-policy-name"] = policy
-		}
-	}
-
-	if updateSource {
-		log.V(4).Info("updating existing clone source")
-		obj.SetLabels(label)
-		_, err = client.UpdateResource(apiVersion, kind, rNamespace, obj, false)
-		if err != nil {
-			log.Error(err, "failed to update source  name:%v namespace:%v kind:%v", obj.GetName(), obj.GetNamespace(), obj.GetKind())
-			return nil, Skip, fmt.Errorf("failed to update source label: %v", err)
-		}
-		log.V(4).Info("updated source  name:%v namespace:%v kind:%v", obj.GetName(), obj.GetNamespace(), obj.GetKind())
-	}
-
 	// check if resource to be generated exists
 	newResource, err := client.GetResource(apiVersion, kind, namespace, name)
 	if err == nil {
--- a/pkg/policy/validate.go
+++ b/pkg/policy/validate.go
@ -120,6 +120,46 @@ func Validate(policyRaw []byte, client *dclient.Client, mock bool, openAPIContro
 		if !isLabelAndAnnotationsString(rule) {
 			return fmt.Errorf("labels and annotations supports only string values, \"use double quotes around the non string values\"")
 		}
+
+		// add label to source mentioned in policy
+		if !mock && rule.Generation.Clone.Name != "" {
+			obj, err := client.GetResource("", rule.Generation.Kind, rule.Generation.Clone.Namespace, rule.Generation.Clone.Name)
+			if err != nil {
+				log.Log.Error(err, fmt.Sprintf("source resource %s/%s/%s not found.", rule.Generation.Kind, rule.Generation.Clone.Namespace, rule.Generation.Clone.Name))
+				continue
+			}
+
+			updateSource := true
+			label := obj.GetLabels()
+
+			if len(label) == 0 {
+				label = make(map[string]string)
+				label["generate.kyverno.io/clone-policy-name"] = p.GetName()
+			} else {
+				if label["generate.kyverno.io/clone-policy-name"] != "" {
+					policyNames := label["generate.kyverno.io/clone-policy-name"]
+					if !strings.Contains(policyNames, p.GetName()) {
+						policyNames = policyNames + "," + p.GetName()
+						label["generate.kyverno.io/clone-policy-name"] = policyNames
+					} else {
+						updateSource = false
+					}
+				} else {
+					label["generate.kyverno.io/clone-policy-name"] = p.GetName()
+				}
+			}
+
+			if updateSource {
+				log.Log.V(4).Info("updating existing clone source")
+				obj.SetLabels(label)
+				_, err = client.UpdateResource(obj.GetAPIVersion(), rule.Generation.Kind, rule.Generation.Clone.Namespace, obj, false)
+				if err != nil {
+					log.Log.Error(err, "failed to update source  name:%v namespace:%v kind:%v", obj.GetName(), obj.GetNamespace(), obj.GetKind())
+					continue
+				}
+				log.Log.V(4).Info("updated source  name:%v namespace:%v kind:%v", obj.GetName(), obj.GetNamespace(), obj.GetKind())
+			}
+		}
 	}

 	if !mock {