mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-28 02:18:15 +00:00
Code Activity

refactor: use context in openapi controller (#4760)

Browse source 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
This commit is contained in:
Charles-Edouard Brétéché 2022-09-30 13:56:47 +02:00 committed by GitHub
parent 287eb84d07
commit 9aca37fe9f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 14 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
cmd/kyverno/main.go
View file

@ -402,7 +402,7 @@ func main() {
}
// the webhook server runs across all instances
openAPIController := startOpenAPIController(logger, dynamicClient, stopCh)
openAPIController := startOpenAPIController(signalCtx, logger, dynamicClient)
// WEBHOOK
// - https server to provide endpoints called based on rules defined in Mutating & Validation webhook configuration
@ -536,7 +536,7 @@ func main() {
logger.V(2).Info("Kyverno shutdown successful")
}
func startOpenAPIController(logger logr.Logger, client dclient.Interface, stopCh <-chan struct{}) *openapi.Controller {
func startOpenAPIController(ctx context.Context, logger logr.Logger, client dclient.Interface) *openapi.Controller {
logger = logger.WithName("open-api")
openAPIController, err := openapi.NewOpenAPIController()
if err != nil {
@ -547,7 +547,7 @@ func startOpenAPIController(logger logr.Logger, client dclient.Interface, stopCh
openAPISync := openapi.NewCRDSync(client, openAPIController)
// start openAPI controller, this is used in admission review
// thus is required in each instance
openAPISync.Run(1, stopCh)
openAPISync.Run(ctx, 1)
return openAPIController
}

8
pkg/openapi/crdSync.go
View file

@ -70,7 +70,7 @@ func NewCRDSync(client dclient.Interface, controller *Controller) *crdSync {
}
}
func (c *crdSync) Run(workers int, stopCh <-chan struct{}) {
func (c *crdSync) Run(ctx context.Context, workers int) {
if err := c.updateInClusterKindToAPIVersions(); err != nil {
log.Log.Error(err, "failed to update in-cluster api versions")
}
@ -87,7 +87,7 @@ func (c *crdSync) Run(workers int, stopCh <-chan struct{}) {
// Sync CRD before kyverno starts
c.sync()
for i := 0; i < workers; i++ {
go wait.Until(c.CheckSync, 15*time.Second, stopCh)
go wait.UntilWithContext(ctx, c.CheckSync, 15*time.Second)
}
}
@ -249,12 +249,12 @@ func addingDefaultFieldsToSchema(crdName string, schemaRaw []byte) ([]byte, erro
return schemaWithDefaultFields, nil
}
func (c *crdSync) CheckSync() {
func (c *crdSync) CheckSync(ctx context.Context) {
crds, err := c.client.GetDynamicInterface().Resource(runtimeSchema.GroupVersionResource{
Group: "apiextensions.k8s.io",
Version: "v1",
Resource: "customresourcedefinitions",
}).List(context.TODO(), metav1.ListOptions{})
}).List(ctx, metav1.ListOptions{})
if err != nil {
log.Log.Error(err, "could not fetch crd's from server")
return

13
pkg/policy/validate.go
View file

@ -1,6 +1,7 @@
package policy
import (
"context"
"encoding/json"
"fmt"
"reflect"
@ -16,7 +17,7 @@ import (
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/common"
"github.com/kyverno/kyverno/pkg/autogen"
"github.com/kyverno/kyverno/pkg/clients/dclient"
"github.com/kyverno/kyverno/pkg/engine/context"
enginecontext "github.com/kyverno/kyverno/pkg/engine/context"
"github.com/kyverno/kyverno/pkg/engine/variables"
"github.com/kyverno/kyverno/pkg/openapi"
"github.com/kyverno/kyverno/pkg/utils"
@ -84,7 +85,7 @@ func Validate(policy kyvernov1.PolicyInterface, client dclient.Interface, mock b
background := spec.BackgroundProcessingEnabled()
onPolicyUpdate := spec.GetMutateExistingOnPolicyUpdate()
if !mock {
openapi.NewCRDSync(client, openAPIController).CheckSync()
openapi.NewCRDSync(client, openAPIController).CheckSync(context.TODO())
}
var errs field.ErrorList
@ -488,9 +489,9 @@ func objectHasVariables(object interface{}) error {
return nil
}
func buildContext(rule *kyvernov1.Rule, background bool) *context.MockContext {
func buildContext(rule *kyvernov1.Rule, background bool) *enginecontext.MockContext {
re := getAllowedVariables(background)
ctx := context.NewMockContext(re)
ctx := enginecontext.NewMockContext(re)
addContextVariables(rule.Context, ctx)
@ -513,7 +514,7 @@ func getAllowedVariables(background bool) *regexp.Regexp {
return allowedVariables
}
func addContextVariables(entries []kyvernov1.ContextEntry, ctx *context.MockContext) {
func addContextVariables(entries []kyvernov1.ContextEntry, ctx *enginecontext.MockContext) {
for _, contextEntry := range entries {
if contextEntry.APICall != nil || contextEntry.ImageRegistry != nil || contextEntry.Variable != nil {
ctx.AddVariable(contextEntry.Name + "*")
@ -530,7 +531,7 @@ func checkNotFoundErr(err error) bool {
switch err.(type) {
case jmespath.NotFoundError:
return true
case context.InvalidVariableError:
case enginecontext.InvalidVariableError:
return false
default:
return false