From 88ae60ea9d8a85db3eb15d858d1910f0676faaf0 Mon Sep 17 00:00:00 2001 From: shuting Date: Tue, 25 Jun 2024 22:11:34 +0800 Subject: [PATCH] fix: correctly validate patterns for old and new objects (#10310) * fix: correctly validate patterns for old and new objects Signed-off-by: ShutingZhao * test: add new scenario to the existing test Signed-off-by: ShutingZhao * fix: indention Signed-off-by: ShutingZhao * fix: chainsaw tests Signed-off-by: ShutingZhao --------- Signed-off-by: ShutingZhao --- pkg/background/generate/generate.go | 9 ++++++--- .../chainsaw-step-06-apply-1-1.yaml | 9 +++++++++ .../chainsaw-step-08-assert-1-1.yaml | 10 ++++++++++ .../chainsaw-test.yaml | 12 ++++++++++++ 4 files changed, 37 insertions(+), 3 deletions(-) create mode 100755 test/conformance/chainsaw/generate/clusterpolicy/standard/data/sync/cpol-data-sync-modify-downstream/chainsaw-step-06-apply-1-1.yaml create mode 100755 test/conformance/chainsaw/generate/clusterpolicy/standard/data/sync/cpol-data-sync-modify-downstream/chainsaw-step-08-assert-1-1.yaml diff --git a/pkg/background/generate/generate.go b/pkg/background/generate/generate.go index 3adf4fa987..a7d669c7e9 100644 --- a/pkg/background/generate/generate.go +++ b/pkg/background/generate/generate.go @@ -475,10 +475,13 @@ func applyRule(log logr.Logger, client dclient.Interface, rule kyvernov1.Rule, t logger.V(4).Info("synchronize disabled, skip syncing changes") continue } - if err := validate.MatchPattern(logger, generatedObj.Object, newResource.Object); err == nil { - logger.V(4).Info("patterns match, skipping updates") - continue + if err := validate.MatchPattern(logger, newResource.Object, generatedObj.Object); err == nil { + if err := validate.MatchPattern(logger, generatedObj.Object, newResource.Object); err == nil { + logger.V(4).Info("patterns match, skipping updates") + continue + } } + logger.V(4).Info("updating existing resource") if targetMeta.GetAPIVersion() == "" { generatedResourceAPIVersion := generatedObj.GetAPIVersion() diff --git a/test/conformance/chainsaw/generate/clusterpolicy/standard/data/sync/cpol-data-sync-modify-downstream/chainsaw-step-06-apply-1-1.yaml b/test/conformance/chainsaw/generate/clusterpolicy/standard/data/sync/cpol-data-sync-modify-downstream/chainsaw-step-06-apply-1-1.yaml new file mode 100755 index 0000000000..c07802cbd9 --- /dev/null +++ b/test/conformance/chainsaw/generate/clusterpolicy/standard/data/sync/cpol-data-sync-modify-downstream/chainsaw-step-06-apply-1-1.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +data: + ZK_ADDRESS: 192.168.10.10:2181,192.168.10.11:2181,192.168.10.12:2181 +kind: ConfigMap +metadata: + labels: + somekey: somevalue + name: zk-kafka-address + namespace: trainer diff --git a/test/conformance/chainsaw/generate/clusterpolicy/standard/data/sync/cpol-data-sync-modify-downstream/chainsaw-step-08-assert-1-1.yaml b/test/conformance/chainsaw/generate/clusterpolicy/standard/data/sync/cpol-data-sync-modify-downstream/chainsaw-step-08-assert-1-1.yaml new file mode 100755 index 0000000000..2d4279c9fb --- /dev/null +++ b/test/conformance/chainsaw/generate/clusterpolicy/standard/data/sync/cpol-data-sync-modify-downstream/chainsaw-step-08-assert-1-1.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +data: + KAFKA_ADDRESS: 192.168.10.13:9092,192.168.10.14:9092,192.168.10.15:9092 + ZK_ADDRESS: 192.168.10.10:2181,192.168.10.11:2181,192.168.10.12:2181 +kind: ConfigMap +metadata: + labels: + somekey: somevalue + name: zk-kafka-address + namespace: trainer diff --git a/test/conformance/chainsaw/generate/clusterpolicy/standard/data/sync/cpol-data-sync-modify-downstream/chainsaw-test.yaml b/test/conformance/chainsaw/generate/clusterpolicy/standard/data/sync/cpol-data-sync-modify-downstream/chainsaw-test.yaml index 76a5898cf8..9b1f2e07d9 100755 --- a/test/conformance/chainsaw/generate/clusterpolicy/standard/data/sync/cpol-data-sync-modify-downstream/chainsaw-test.yaml +++ b/test/conformance/chainsaw/generate/clusterpolicy/standard/data/sync/cpol-data-sync-modify-downstream/chainsaw-test.yaml @@ -29,3 +29,15 @@ spec: try: - assert: file: chainsaw-step-05-assert-1-1.yaml + - name: step-06 + try: + - apply: + file: chainsaw-step-06-apply-1-1.yaml + - name: step-07 + try: + - sleep: + duration: 3s + - name: step-08 + try: + - assert: + file: chainsaw-step-08-assert-1-1.yaml