1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-01-20 18:52:16 +00:00

refactor: cli packages structure (#8254)

* refactor: cli packages structure

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix: unit tests

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
This commit is contained in:
Charles-Edouard Brétéché 2023-09-04 19:04:10 +02:00 committed by GitHub
parent 4da72e3758
commit 90d84d81b2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 112 additions and 26 deletions

View file

@ -1,7 +1,7 @@
package apply
import (
annotationsutils "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/annotations"
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/policy/annotations"
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/color"
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/output/table"
engineapi "github.com/kyverno/kyverno/pkg/engine/api"
@ -14,7 +14,7 @@ func printTable(compact, auditWarn bool, engineResponses ...engineapi.EngineResp
policy := engineResponse.Policy()
policyName := policy.GetName()
policyNamespace := policy.GetNamespace()
scored := annotationsutils.Scored(policy.GetAnnotations())
scored := annotations.Scored(policy.GetAnnotations())
resourceKind := engineResponse.Resource.GetKind()
resourceNamespace := engineResponse.Resource.GetNamespace()
resourceName := engineResponse.Resource.GetName()

View file

@ -5,7 +5,7 @@ import (
"os"
"path/filepath"
testutils "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/test"
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/test"
"github.com/spf13/cobra"
"sigs.k8s.io/yaml"
)
@ -18,9 +18,9 @@ func Command() *cobra.Command {
Short: "Fix inconsistencies and deprecated usage in Kyverno test files.",
Example: "",
RunE: func(cmd *cobra.Command, args []string) error {
var testCases []testutils.TestCase
var testCases []test.TestCase
for _, arg := range args {
tests, err := testutils.LoadTests(arg, fileName)
tests, err := test.LoadTests(arg, fileName)
if err != nil {
return err
}

View file

@ -9,14 +9,14 @@ import (
"github.com/go-git/go-billy/v5"
"github.com/go-git/go-billy/v5/memfs"
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/test"
sanitizederror "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/sanitizedError"
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/source"
testutils "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/test"
gitutils "github.com/kyverno/kyverno/pkg/utils/git"
)
func loadTests(dirPath []string, fileName string, gitBranch string) (billy.Filesystem, testutils.TestCases, error) {
var tests []testutils.TestCase
func loadTests(dirPath []string, fileName string, gitBranch string) (billy.Filesystem, test.TestCases, error) {
var tests []test.TestCase
// TODO support multiple paths
path := dirPath[0]
if source.IsGit(path) {
@ -62,13 +62,13 @@ func loadTests(dirPath []string, fileName string, gitBranch string) (billy.Files
for _, yamlFilePath := range yamlFiles {
if filepath.Base(yamlFilePath) == fileName {
// resoucePath := strings.Trim(yamlFilePath, fileName)
tests = append(tests, testutils.LoadTest(fs, yamlFilePath))
tests = append(tests, test.LoadTest(fs, yamlFilePath))
}
}
}
return fs, tests, nil
} else {
tests, err := testutils.LoadTests(path, fileName)
tests, err := test.LoadTests(path, fileName)
return nil, tests, err
}
}

View file

@ -0,0 +1,86 @@
package api
import (
policyreportv1alpha2 "github.com/kyverno/kyverno/api/policyreport/v1alpha2"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
type Test struct {
Name string `json:"name"`
Policies []string `json:"policies"`
Resources []string `json:"resources"`
Variables string `json:"variables,omitempty"`
UserInfo string `json:"userinfo,omitempty"`
Results []TestResults `json:"results"`
Values *Values `json:"values,omitempty"`
}
type TestResults struct {
// Policy mentions the name of the policy.
Policy string `json:"policy"`
// Rule mentions the name of the rule in the policy.
// It's required in case policy is a kyverno policy.
// +optional
Rule string `json:"rule,omitempty"`
// IsValidatingAdmissionPolicy indicates if the policy is a validating admission policy.
// It's required in case policy is a validating admission policy.
// +optional
IsValidatingAdmissionPolicy bool `json:"isValidatingAdmissionPolicy,omitempty"`
// Result mentions the result that the user is expecting.
// Possible values are pass, fail and skip.
Result policyreportv1alpha2.PolicyResult `json:"result"`
// Status mentions the status that the user is expecting.
// Possible values are pass, fail and skip.
Status policyreportv1alpha2.PolicyResult `json:"status,omitempty"`
// Resource mentions the name of the resource on which the policy is to be applied.
Resource string `json:"resource,omitempty"`
// Resources gives us the list of resources on which the policy is going to be applied.
Resources []string `json:"resources"`
// Kind mentions the kind of the resource on which the policy is to be applied.
Kind string `json:"kind"`
// Namespace mentions the namespace of the policy which has namespace scope.
Namespace string `json:"namespace,omitempty"`
// PatchedResource takes a resource configuration file in yaml format from
// the user to compare it against the Kyverno mutated resource configuration.
PatchedResource string `json:"patchedResource,omitempty"`
// GeneratedResource takes a resource configuration file in yaml format from
// the user to compare it against the Kyverno generated resource configuration.
GeneratedResource string `json:"generatedResource,omitempty"`
// CloneSourceResource takes the resource configuration file in yaml format
// from the user which is meant to be cloned by the generate rule.
CloneSourceResource string `json:"cloneSourceResource,omitempty"`
}
type Policy struct {
Name string `json:"name"`
Resources []Resource `json:"resources"`
Rules []Rule `json:"rules"`
}
type Rule struct {
Name string `json:"name"`
Values map[string]interface{} `json:"values"`
ForeachValues map[string][]interface{} `json:"foreachValues"`
}
type Values struct {
Policies []Policy `json:"policies"`
GlobalValues map[string]string `json:"globalValues"`
NamespaceSelectors []NamespaceSelector `json:"namespaceSelector"`
Subresources []Subresource `json:"subresources"`
}
type Resource struct {
Name string `json:"name"`
Values map[string]interface{} `json:"values"`
}
type Subresource struct {
APIResource metav1.APIResource `json:"subresource"`
ParentResource metav1.APIResource `json:"parentResource"`
}
type NamespaceSelector struct {
Name string `json:"name"`
Labels map[string]string `json:"labels"`
}

View file

@ -81,25 +81,25 @@ func TestLoadTests(t *testing.T) {
wantErr: false,
}, {
name: "invalid dir",
dirPath: "../../testdata/tests/invalid",
dirPath: "../testdata/tests/invalid",
fileName: "kyverno-test.yaml",
want: nil,
wantErr: true,
}, {
name: "invalid dir",
dirPath: "../../testdata/tests",
dirPath: "../testdata/tests",
fileName: "kyverno-test-invalid.yaml",
want: []TestCase{{
Path: "../../testdata/tests/test-invalid/kyverno-test-invalid.yaml",
Path: "../testdata/tests/test-invalid/kyverno-test-invalid.yaml",
Err: errors.New("error unmarshaling JSON: while decoding JSON: json: unknown field \"foo\""),
}},
wantErr: false,
}, {
name: "ok",
dirPath: "../../testdata/tests/test-1",
dirPath: "../testdata/tests/test-1",
fileName: "kyverno-test.yaml",
want: []TestCase{{
Path: "../../testdata/tests/test-1/kyverno-test.yaml",
Path: "../testdata/tests/test-1/kyverno-test.yaml",
Test: &api.Test{
Name: "test-registry",
Policies: []string{"image-example.yaml"},
@ -122,10 +122,10 @@ func TestLoadTests(t *testing.T) {
wantErr: false,
}, {
name: "ok",
dirPath: "../../testdata/tests/test-2",
dirPath: "../testdata/tests/test-2",
fileName: "kyverno-test.yaml",
want: []TestCase{{
Path: "../../testdata/tests/test-2/kyverno-test.yaml",
Path: "../testdata/tests/test-2/kyverno-test.yaml",
Test: &api.Test{
Name: "add-quota",
Policies: []string{"policy.yaml"},
@ -150,10 +150,10 @@ func TestLoadTests(t *testing.T) {
wantErr: false,
}, {
name: "ok",
dirPath: "../../testdata/tests",
dirPath: "../testdata/tests",
fileName: "kyverno-test.yaml",
want: []TestCase{{
Path: "../../testdata/tests/test-1/kyverno-test.yaml",
Path: "../testdata/tests/test-1/kyverno-test.yaml",
Test: &api.Test{
Name: "test-registry",
Policies: []string{"image-example.yaml"},
@ -173,7 +173,7 @@ func TestLoadTests(t *testing.T) {
}},
},
}, {
Path: "../../testdata/tests/test-2/kyverno-test.yaml",
Path: "../testdata/tests/test-2/kyverno-test.yaml",
Test: &api.Test{
Name: "add-quota",
Policies: []string{"policy.yaml"},

View file

@ -15,7 +15,7 @@ import (
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1"
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/commands/test/api"
annotationsutils "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/annotations"
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/policy/annotations"
sanitizederror "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/sanitizedError"
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/source"
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/store"
@ -687,7 +687,7 @@ func processEngineResponses(responses []engineapi.EngineResponse, c ApplyPolicyC
if polType := pol.GetType(); polType == engineapi.ValidatingAdmissionPolicyType {
return
}
scored := annotationsutils.Scored(c.Policy.GetAnnotations())
scored := annotations.Scored(c.Policy.GetAnnotations())
for _, rule := range autogen.ComputeRules(pol.GetPolicy().(kyvernov1.PolicyInterface)) {
if rule.HasValidate() || rule.HasVerifyImageChecks() || rule.HasVerifyImages() {
ruleFoundInEngineResponse := false

View file

@ -3,7 +3,7 @@ package report
import (
"github.com/kyverno/kyverno/api/kyverno"
policyreportv1alpha2 "github.com/kyverno/kyverno/api/policyreport/v1alpha2"
annotationsutils "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/annotations"
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/policy/annotations"
engineapi "github.com/kyverno/kyverno/pkg/engine/api"
reportutils "github.com/kyverno/kyverno/pkg/utils/report"
corev1 "k8s.io/api/core/v1"
@ -14,9 +14,9 @@ func ComputePolicyReportResult(auditWarn bool, engineResponse engineapi.EngineRe
policy := engineResponse.Policy()
policyName := policy.GetName()
audit := engineResponse.GetValidationFailureAction().Audit()
scored := annotationsutils.Scored(policy.GetAnnotations())
category := annotationsutils.Category(policy.GetAnnotations())
severity := annotationsutils.Severity(policy.GetAnnotations())
scored := annotations.Scored(policy.GetAnnotations())
category := annotations.Category(policy.GetAnnotations())
severity := annotations.Severity(policy.GetAnnotations())
result := policyreportv1alpha2.PolicyReportResult{
// TODO policy name looks wrong, it should consider the namespace too
Policy: policyName,