mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-05 15:37:19 +00:00
Code Activity

add a kuttl test (#6622)

Browse source 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
This commit is contained in:
shuting 2023-03-31 18:27:25 +08:00 committed by GitHub
parent 263fd8a7a8
commit a243b405d2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
12 changed files with 212 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
pkg/event/controller.go
View file

@ -196,6 +196,7 @@ func (gen *generator) syncHandler(key Info) error {
eventType = corev1.EventTypeNormal eventType = corev1.EventTypeNormal
} }
logger.V(2).Info("creating the event", "source", key.Source, "type", eventType, "resource", key.Resource())
// based on the source of event generation, use different event recorders // based on the source of event generation, use different event recorders
switch key.Source { switch key.Source {
case AdmissionController: case AdmissionController:

9
pkg/event/info.go
View file

@ -1,5 +1,7 @@
package event package event
import "strings"
// Info defines the event details // Info defines the event details
type Info struct { type Info struct {
Kind string Kind string
@ -9,3 +11,10 @@ type Info struct {
Message string Message string
Source Source Source Source
} }
func (i *Info) Resource() string {
if i.Namespace == "" {
return strings.Join([]string{i.Kind, i.Name}, "/")
}
return strings.Join([]string{i.Kind, i.Namespace, i.Name}, "/")
}

15
test/conformance/kuttl/generate/clusterpolicy/cornercases/generate-event-upon-edit/01-clusterrole.yaml Normal file
View file

@ -0,0 +1,15 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app: kyverno
app.kubernetes.io/instance: kyverno
app.kubernetes.io/name: kyverno
name: kyverno:generate-events
rules:
- apiGroups:
- ""
resources:
- events
verbs:
- create

18
test/conformance/kuttl/generate/clusterpolicy/cornercases/generate-event-upon-edit/02-assert.yaml Normal file
View file

@ -0,0 +1,18 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app: kyverno
app.kubernetes.io/instance: kyverno
app.kubernetes.io/name: kyverno
name: kyverno:generate-events
---
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
name: generate-event-upon-edit
status:
conditions:
- reason: Succeeded
status: "True"
type: Ready

38
test/conformance/kuttl/generate/clusterpolicy/cornercases/generate-event-upon-edit/02-clusterpolicy.yaml Normal file
View file

@ -0,0 +1,38 @@
apiVersion: kyverno.io/v2beta1
kind: ClusterPolicy
metadata:
name: generate-event-upon-edit
spec:
background: false
rules:
- name: generate-event-on-edit
match:
any:
- resources:
kinds:
- ConfigMap
preconditions:
any:
- key: "{{ request.operation }}"
operator: Equals
value: UPDATE
generate:
apiVersion: v1
kind: Event
name: "edit.{{ random('[a-z0-9]{12}') }}"
namespace: "{{request.object.metadata.namespace}}"
synchronize: false
data:
firstTimestamp: "{{ time_now_utc() }}"
involvedObject:
apiVersion: v1
kind: ConfigMap
name: "{{ request.name }}"
namespace: "{{ request.namespace }}"
uid: "{{request.object.metadata.uid}}"
lastTimestamp: "{{ time_now_utc() }}"
message: This resource was updated by {{ request.userInfo | to_string(@) }}
reason: Edit
source:
component: kyverno
type: Warning

14
test/conformance/kuttl/generate/clusterpolicy/cornercases/generate-event-upon-edit/03-configmap_orig.yaml Normal file
View file

@ -0,0 +1,14 @@
apiVersion: v1
kind: Namespace
metadata:
name: generate-event-on-edit-ns
---
apiVersion: v1
kind: ConfigMap
metadata:
name: generate-event-on-edit-configmap
namespace: generate-event-on-edit-ns
data:
food: cheese
day: monday
color: red

9
test/conformance/kuttl/generate/clusterpolicy/cornercases/generate-event-upon-edit/04-configmap_edit_1.yaml Normal file
View file

@ -0,0 +1,9 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: generate-event-on-edit-configmap
namespace: generate-event-on-edit-ns
data:
food: cheese
day: wednesday
color: red

20
test/conformance/kuttl/generate/clusterpolicy/cornercases/generate-event-upon-edit/05-assert.yaml Normal file
View file

@ -0,0 +1,20 @@
apiVersion: v1
involvedObject:
apiVersion: v1
kind: ConfigMap
name: generate-event-on-edit-configmap
namespace: generate-event-on-edit-ns
kind: Event
metadata:
labels:
app.kubernetes.io/managed-by: kyverno
generate.kyverno.io/policy-name: generate-event-upon-edit
generate.kyverno.io/policy-namespace: ""
generate.kyverno.io/rule-name: generate-event-on-edit
generate.kyverno.io/trigger-apiversion: v1
generate.kyverno.io/trigger-kind: ConfigMap
generate.kyverno.io/trigger-name: generate-event-on-edit-configmap
generate.kyverno.io/trigger-namespace: generate-event-on-edit-ns
namespace: generate-event-on-edit-ns
source:
component: kyverno

9
test/conformance/kuttl/generate/clusterpolicy/cornercases/generate-event-upon-edit/06-configmap_edit_2.yaml Normal file
View file

@ -0,0 +1,9 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: generate-event-on-edit-configmap
namespace: generate-event-on-edit-ns
data:
food: cheese
day: friday
color: red

41
test/conformance/kuttl/generate/clusterpolicy/cornercases/generate-event-upon-edit/07-assert.yaml Normal file
View file

@ -0,0 +1,41 @@
apiVersion: v1
involvedObject:
apiVersion: v1
kind: ConfigMap
name: generate-event-on-edit-configmap
namespace: generate-event-on-edit-ns
kind: Event
metadata:
labels:
app.kubernetes.io/managed-by: kyverno
generate.kyverno.io/policy-name: generate-event-upon-edit
generate.kyverno.io/policy-namespace: ""
generate.kyverno.io/rule-name: generate-event-on-edit
generate.kyverno.io/trigger-apiversion: v1
generate.kyverno.io/trigger-kind: ConfigMap
generate.kyverno.io/trigger-name: generate-event-on-edit-configmap
generate.kyverno.io/trigger-namespace: generate-event-on-edit-ns
namespace: generate-event-on-edit-ns
source:
component: kyverno
---
apiVersion: v1
involvedObject:
apiVersion: v1
kind: ConfigMap
name: generate-event-on-edit-configmap
namespace: generate-event-on-edit-ns
kind: Event
metadata:
labels:
app.kubernetes.io/managed-by: kyverno
generate.kyverno.io/policy-name: generate-event-upon-edit
generate.kyverno.io/policy-namespace: ""
generate.kyverno.io/rule-name: generate-event-on-edit
generate.kyverno.io/trigger-apiversion: v1
generate.kyverno.io/trigger-kind: ConfigMap
generate.kyverno.io/trigger-name: generate-event-on-edit-configmap
generate.kyverno.io/trigger-namespace: generate-event-on-edit-ns
namespace: generate-event-on-edit-ns
source:
component: kyverno

27
test/conformance/kuttl/generate/clusterpolicy/cornercases/generate-event-upon-edit/08-reset-clusterrole.yaml Normal file
View file

@ -0,0 +1,27 @@
## reset changed clusterrole for the rest of the tests
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kyverno:background-controller:additional
rules:
- apiGroups:
- '*'
resources:
- configmaps
- networkpolicies
- resourcequotas
- secrets
- roles
- rolebindings
- limitranges
- namespaces
- nodes
- nodes/status
- pods
verbs:
- create
- update
- patch
- delete
- get
- list

11
test/conformance/kuttl/generate/clusterpolicy/cornercases/generate-event-upon-edit/README.md Normal file
View file

@ -0,0 +1,11 @@
## Description
This test checks an event should be created when updates a configmap.
## Expected Behavior
Total number of two events should be created at the end, one per UPDATE operation of the configmap.
## Reference Issue(s)
https://github.com/kyverno/kyverno/issues/6458