mirror of
https://github.com/kyverno/kyverno.git
synced 2025-01-20 18:52:16 +00:00
refactor: cli packages structure (#8254)
* refactor: cli packages structure Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: unit tests Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
This commit is contained in:
parent
4da72e3758
commit
90d84d81b2
10 changed files with 112 additions and 26 deletions
|
@ -1,7 +1,7 @@
|
|||
package apply
|
||||
|
||||
import (
|
||||
annotationsutils "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/annotations"
|
||||
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/policy/annotations"
|
||||
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/color"
|
||||
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/output/table"
|
||||
engineapi "github.com/kyverno/kyverno/pkg/engine/api"
|
||||
|
@ -14,7 +14,7 @@ func printTable(compact, auditWarn bool, engineResponses ...engineapi.EngineResp
|
|||
policy := engineResponse.Policy()
|
||||
policyName := policy.GetName()
|
||||
policyNamespace := policy.GetNamespace()
|
||||
scored := annotationsutils.Scored(policy.GetAnnotations())
|
||||
scored := annotations.Scored(policy.GetAnnotations())
|
||||
resourceKind := engineResponse.Resource.GetKind()
|
||||
resourceNamespace := engineResponse.Resource.GetNamespace()
|
||||
resourceName := engineResponse.Resource.GetName()
|
||||
|
|
|
@ -5,7 +5,7 @@ import (
|
|||
"os"
|
||||
"path/filepath"
|
||||
|
||||
testutils "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/test"
|
||||
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/test"
|
||||
"github.com/spf13/cobra"
|
||||
"sigs.k8s.io/yaml"
|
||||
)
|
||||
|
@ -18,9 +18,9 @@ func Command() *cobra.Command {
|
|||
Short: "Fix inconsistencies and deprecated usage in Kyverno test files.",
|
||||
Example: "",
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
var testCases []testutils.TestCase
|
||||
var testCases []test.TestCase
|
||||
for _, arg := range args {
|
||||
tests, err := testutils.LoadTests(arg, fileName)
|
||||
tests, err := test.LoadTests(arg, fileName)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
@ -9,14 +9,14 @@ import (
|
|||
|
||||
"github.com/go-git/go-billy/v5"
|
||||
"github.com/go-git/go-billy/v5/memfs"
|
||||
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/test"
|
||||
sanitizederror "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/sanitizedError"
|
||||
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/source"
|
||||
testutils "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/test"
|
||||
gitutils "github.com/kyverno/kyverno/pkg/utils/git"
|
||||
)
|
||||
|
||||
func loadTests(dirPath []string, fileName string, gitBranch string) (billy.Filesystem, testutils.TestCases, error) {
|
||||
var tests []testutils.TestCase
|
||||
func loadTests(dirPath []string, fileName string, gitBranch string) (billy.Filesystem, test.TestCases, error) {
|
||||
var tests []test.TestCase
|
||||
// TODO support multiple paths
|
||||
path := dirPath[0]
|
||||
if source.IsGit(path) {
|
||||
|
@ -62,13 +62,13 @@ func loadTests(dirPath []string, fileName string, gitBranch string) (billy.Files
|
|||
for _, yamlFilePath := range yamlFiles {
|
||||
if filepath.Base(yamlFilePath) == fileName {
|
||||
// resoucePath := strings.Trim(yamlFilePath, fileName)
|
||||
tests = append(tests, testutils.LoadTest(fs, yamlFilePath))
|
||||
tests = append(tests, test.LoadTest(fs, yamlFilePath))
|
||||
}
|
||||
}
|
||||
}
|
||||
return fs, tests, nil
|
||||
} else {
|
||||
tests, err := testutils.LoadTests(path, fileName)
|
||||
tests, err := test.LoadTests(path, fileName)
|
||||
return nil, tests, err
|
||||
}
|
||||
}
|
||||
|
|
86
cmd/cli/kubectl-kyverno/test/api/types.go
Normal file
86
cmd/cli/kubectl-kyverno/test/api/types.go
Normal file
|
@ -0,0 +1,86 @@
|
|||
package api
|
||||
|
||||
import (
|
||||
policyreportv1alpha2 "github.com/kyverno/kyverno/api/policyreport/v1alpha2"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
)
|
||||
|
||||
type Test struct {
|
||||
Name string `json:"name"`
|
||||
Policies []string `json:"policies"`
|
||||
Resources []string `json:"resources"`
|
||||
Variables string `json:"variables,omitempty"`
|
||||
UserInfo string `json:"userinfo,omitempty"`
|
||||
Results []TestResults `json:"results"`
|
||||
Values *Values `json:"values,omitempty"`
|
||||
}
|
||||
|
||||
type TestResults struct {
|
||||
// Policy mentions the name of the policy.
|
||||
Policy string `json:"policy"`
|
||||
// Rule mentions the name of the rule in the policy.
|
||||
// It's required in case policy is a kyverno policy.
|
||||
// +optional
|
||||
Rule string `json:"rule,omitempty"`
|
||||
// IsValidatingAdmissionPolicy indicates if the policy is a validating admission policy.
|
||||
// It's required in case policy is a validating admission policy.
|
||||
// +optional
|
||||
IsValidatingAdmissionPolicy bool `json:"isValidatingAdmissionPolicy,omitempty"`
|
||||
// Result mentions the result that the user is expecting.
|
||||
// Possible values are pass, fail and skip.
|
||||
Result policyreportv1alpha2.PolicyResult `json:"result"`
|
||||
// Status mentions the status that the user is expecting.
|
||||
// Possible values are pass, fail and skip.
|
||||
Status policyreportv1alpha2.PolicyResult `json:"status,omitempty"`
|
||||
// Resource mentions the name of the resource on which the policy is to be applied.
|
||||
Resource string `json:"resource,omitempty"`
|
||||
// Resources gives us the list of resources on which the policy is going to be applied.
|
||||
Resources []string `json:"resources"`
|
||||
// Kind mentions the kind of the resource on which the policy is to be applied.
|
||||
Kind string `json:"kind"`
|
||||
// Namespace mentions the namespace of the policy which has namespace scope.
|
||||
Namespace string `json:"namespace,omitempty"`
|
||||
// PatchedResource takes a resource configuration file in yaml format from
|
||||
// the user to compare it against the Kyverno mutated resource configuration.
|
||||
PatchedResource string `json:"patchedResource,omitempty"`
|
||||
// GeneratedResource takes a resource configuration file in yaml format from
|
||||
// the user to compare it against the Kyverno generated resource configuration.
|
||||
GeneratedResource string `json:"generatedResource,omitempty"`
|
||||
// CloneSourceResource takes the resource configuration file in yaml format
|
||||
// from the user which is meant to be cloned by the generate rule.
|
||||
CloneSourceResource string `json:"cloneSourceResource,omitempty"`
|
||||
}
|
||||
|
||||
type Policy struct {
|
||||
Name string `json:"name"`
|
||||
Resources []Resource `json:"resources"`
|
||||
Rules []Rule `json:"rules"`
|
||||
}
|
||||
|
||||
type Rule struct {
|
||||
Name string `json:"name"`
|
||||
Values map[string]interface{} `json:"values"`
|
||||
ForeachValues map[string][]interface{} `json:"foreachValues"`
|
||||
}
|
||||
|
||||
type Values struct {
|
||||
Policies []Policy `json:"policies"`
|
||||
GlobalValues map[string]string `json:"globalValues"`
|
||||
NamespaceSelectors []NamespaceSelector `json:"namespaceSelector"`
|
||||
Subresources []Subresource `json:"subresources"`
|
||||
}
|
||||
|
||||
type Resource struct {
|
||||
Name string `json:"name"`
|
||||
Values map[string]interface{} `json:"values"`
|
||||
}
|
||||
|
||||
type Subresource struct {
|
||||
APIResource metav1.APIResource `json:"subresource"`
|
||||
ParentResource metav1.APIResource `json:"parentResource"`
|
||||
}
|
||||
|
||||
type NamespaceSelector struct {
|
||||
Name string `json:"name"`
|
||||
Labels map[string]string `json:"labels"`
|
||||
}
|
|
@ -81,25 +81,25 @@ func TestLoadTests(t *testing.T) {
|
|||
wantErr: false,
|
||||
}, {
|
||||
name: "invalid dir",
|
||||
dirPath: "../../testdata/tests/invalid",
|
||||
dirPath: "../testdata/tests/invalid",
|
||||
fileName: "kyverno-test.yaml",
|
||||
want: nil,
|
||||
wantErr: true,
|
||||
}, {
|
||||
name: "invalid dir",
|
||||
dirPath: "../../testdata/tests",
|
||||
dirPath: "../testdata/tests",
|
||||
fileName: "kyverno-test-invalid.yaml",
|
||||
want: []TestCase{{
|
||||
Path: "../../testdata/tests/test-invalid/kyverno-test-invalid.yaml",
|
||||
Path: "../testdata/tests/test-invalid/kyverno-test-invalid.yaml",
|
||||
Err: errors.New("error unmarshaling JSON: while decoding JSON: json: unknown field \"foo\""),
|
||||
}},
|
||||
wantErr: false,
|
||||
}, {
|
||||
name: "ok",
|
||||
dirPath: "../../testdata/tests/test-1",
|
||||
dirPath: "../testdata/tests/test-1",
|
||||
fileName: "kyverno-test.yaml",
|
||||
want: []TestCase{{
|
||||
Path: "../../testdata/tests/test-1/kyverno-test.yaml",
|
||||
Path: "../testdata/tests/test-1/kyverno-test.yaml",
|
||||
Test: &api.Test{
|
||||
Name: "test-registry",
|
||||
Policies: []string{"image-example.yaml"},
|
||||
|
@ -122,10 +122,10 @@ func TestLoadTests(t *testing.T) {
|
|||
wantErr: false,
|
||||
}, {
|
||||
name: "ok",
|
||||
dirPath: "../../testdata/tests/test-2",
|
||||
dirPath: "../testdata/tests/test-2",
|
||||
fileName: "kyverno-test.yaml",
|
||||
want: []TestCase{{
|
||||
Path: "../../testdata/tests/test-2/kyverno-test.yaml",
|
||||
Path: "../testdata/tests/test-2/kyverno-test.yaml",
|
||||
Test: &api.Test{
|
||||
Name: "add-quota",
|
||||
Policies: []string{"policy.yaml"},
|
||||
|
@ -150,10 +150,10 @@ func TestLoadTests(t *testing.T) {
|
|||
wantErr: false,
|
||||
}, {
|
||||
name: "ok",
|
||||
dirPath: "../../testdata/tests",
|
||||
dirPath: "../testdata/tests",
|
||||
fileName: "kyverno-test.yaml",
|
||||
want: []TestCase{{
|
||||
Path: "../../testdata/tests/test-1/kyverno-test.yaml",
|
||||
Path: "../testdata/tests/test-1/kyverno-test.yaml",
|
||||
Test: &api.Test{
|
||||
Name: "test-registry",
|
||||
Policies: []string{"image-example.yaml"},
|
||||
|
@ -173,7 +173,7 @@ func TestLoadTests(t *testing.T) {
|
|||
}},
|
||||
},
|
||||
}, {
|
||||
Path: "../../testdata/tests/test-2/kyverno-test.yaml",
|
||||
Path: "../testdata/tests/test-2/kyverno-test.yaml",
|
||||
Test: &api.Test{
|
||||
Name: "add-quota",
|
||||
Policies: []string{"policy.yaml"},
|
|
@ -15,7 +15,7 @@ import (
|
|||
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
||||
kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1"
|
||||
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/commands/test/api"
|
||||
annotationsutils "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/annotations"
|
||||
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/policy/annotations"
|
||||
sanitizederror "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/sanitizedError"
|
||||
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/source"
|
||||
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/store"
|
||||
|
@ -687,7 +687,7 @@ func processEngineResponses(responses []engineapi.EngineResponse, c ApplyPolicyC
|
|||
if polType := pol.GetType(); polType == engineapi.ValidatingAdmissionPolicyType {
|
||||
return
|
||||
}
|
||||
scored := annotationsutils.Scored(c.Policy.GetAnnotations())
|
||||
scored := annotations.Scored(c.Policy.GetAnnotations())
|
||||
for _, rule := range autogen.ComputeRules(pol.GetPolicy().(kyvernov1.PolicyInterface)) {
|
||||
if rule.HasValidate() || rule.HasVerifyImageChecks() || rule.HasVerifyImages() {
|
||||
ruleFoundInEngineResponse := false
|
||||
|
|
|
@ -3,7 +3,7 @@ package report
|
|||
import (
|
||||
"github.com/kyverno/kyverno/api/kyverno"
|
||||
policyreportv1alpha2 "github.com/kyverno/kyverno/api/policyreport/v1alpha2"
|
||||
annotationsutils "github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/annotations"
|
||||
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/policy/annotations"
|
||||
engineapi "github.com/kyverno/kyverno/pkg/engine/api"
|
||||
reportutils "github.com/kyverno/kyverno/pkg/utils/report"
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
|
@ -14,9 +14,9 @@ func ComputePolicyReportResult(auditWarn bool, engineResponse engineapi.EngineRe
|
|||
policy := engineResponse.Policy()
|
||||
policyName := policy.GetName()
|
||||
audit := engineResponse.GetValidationFailureAction().Audit()
|
||||
scored := annotationsutils.Scored(policy.GetAnnotations())
|
||||
category := annotationsutils.Category(policy.GetAnnotations())
|
||||
severity := annotationsutils.Severity(policy.GetAnnotations())
|
||||
scored := annotations.Scored(policy.GetAnnotations())
|
||||
category := annotations.Category(policy.GetAnnotations())
|
||||
severity := annotations.Severity(policy.GetAnnotations())
|
||||
result := policyreportv1alpha2.PolicyReportResult{
|
||||
// TODO policy name looks wrong, it should consider the namespace too
|
||||
Policy: policyName,
|
||||
|
|
Loading…
Add table
Reference in a new issue